[keycloak-user] MultiTenancy / MultiRealms
Sascha Skorupa
sascha.skorupa at traveltainment.de
Tue Oct 27 04:36:34 EDT 2015
Hi,
currently we have implemented an own Resolver that loads the "keycloak.json" configuration by extracting the realm name from the issuer element of the token because the realm name is not explicitly mapped. But I think it is possible to implement a custom protocol mapper to map the realm explicitly to the token.
It is not finally clarified how to load the configuration dynamically from a wildfly subsystem.
- sascha
-----Ursprüngliche Nachricht-----
Von: keycloak-user-bounces at lists.jboss.org [mailto:keycloak-user-bounces at lists.jboss.org] Im Auftrag von Juraci Paixão Kröhling
Gesendet: Montag, 26. Oktober 2015 18:18
An: keycloak-user at lists.jboss.org
Betreff: Re: [keycloak-user] MultiTenancy / MultiRealms
On 10/16/2015 02:00 PM, Sascha Skorupa wrote:
> we want to authenticate users from different realms in one
> client/application. We looked at the multitenancy example but there
> the realms are distinguished by the requested URL. In our case the
> users send tokens to the application from different issuers. Is there
> any recommendation how to handle this?
If you are able to determine the realm from the token, then you can just implement your own KeycloakConfigResolver.
http://git.io/vW6kF
- Juca.
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list