[keycloak-user] Custom User Info URL for an OpenID Connect endpoint

Stian Thorgersen sthorger at redhat.com
Tue Mar 8 01:41:26 EST 2016


Write a custom identity provider extending OIDCIdentityProvider and
override getFederatedIdentity. See
http://keycloak.github.io/docs/userguide/keycloak-server/html/providers.html
on how to deploy to Keycloak. I would imagine you don't need 1 as the sub
(UID) should be available in the access token.

On 8 March 2016 at 03:45, Eugene Chow <eugene.chow.ct at gmail.com> wrote:

> Hi guys,
>
> I need to make Keycloak authenticate against a custom-built OpenID
> endpoint that’s not under my control. Keycloak authenticates flawlessly.
> The “but” here is that the endpoint doesn’t implement a standard User Info
> endpoint, so Keycloak isn’t able to grab the user’s profile. Getting the
> user’s profile is a 2-step process.
>
> 1) Get the UID of the user from the standard User Info endpoint:
> https://custom.openid.io/openid/connect/v1/userinfo
> 2) Use the UID from Step 1 to obtain the real User Info from here:
> https://custom.openid.io/realuserinfo/v1/users
>
> To make this happen, I have a feeling that I have to roll out my own
> identity provider and probably write a plugin using the Auth SPI. Could you
> please guide me in the right direction?
>
> Thanks in advance!
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160308/b3830e18/attachment.html 


More information about the keycloak-user mailing list