[keycloak-user] Use Existing Database without Importing Users
pubudu gunawardena
pubudupg at gmail.com
Mon May 25 20:14:02 EDT 2015
Thanks for the answer Marek. I actually did look into the user
federation example that comes with keycloak. In the settings for that,
there are buttons/settings to fully import users or to import
differences periodically which would bring the data to keycloak. The
thing is that there is already a database for users for the custom
website and Wordpress will also create its own users on login. With
keycloak there will be a third database of users whiich I feel will
lead to difficulties in maintaining. That is the reason why I wanted
to look for a solution that would not import the data to keycloak, but
authenticate against my user database directly.
On Mon, May 25, 2015 at 7:38 PM, Marek Posolda <mposolda at redhat.com> wrote:
> It depends what exactly you need.
> 1) There is User Federation SPI, which allows to pull data about users from
> your own database and partially import it to Keycloak. See docs
> http://keycloak.github.io/docs/userguide/html/user_federation.html . This
> SPI allows you to specify which data will be pulled from your DB to Keycloak
> DB, so your store doesn't need to support storing all Keycloak user metadata
>
> 2) UserProvider SPI - in this case you will need to implement whole model by
> yourself. Note that your store will need to support all Keycloak metadata
> (For example data about user's required actions etc).
>
> For most deployments (1) is better and much easier choice.
>
> Marek
>
>
> On 25.5.2015 11:32, pubudu gunawardena wrote:
>>
>> Hi All,
>>
>> I am trying to use Keycloak to implement SSO for two websites, one
>> Wordpress and another custom implemented. I want to make Keycloak use
>> the existing database but would prefer to not import the data to
>> Keycloak, which would make another copy of the data. Is something like
>> this possible with keycloak?
>
>
--
Thanks,
Pubudu
More information about the keycloak-user
mailing list