[keycloak-user] scripts or API to query attributes from an external SQL database, but don't keep them in Keycloak?
Weijun Gao
wgao at utsc.utoronto.ca
Thu Jul 27 14:03:20 EDT 2017
Hi,
We have a SQL database with user groups but the database cannot be used
for authentication (no passwords). We want to authenticate users using
AD / LDAP, but get a user's group information from the SQL database
after authentication for authorization purposes (or sending to clients
as custom attributes) without saving these attributes / group info in
Keycloak:
1) authenticate using AD / LDAP
2) query user group info from the SQL database
3) authorize / send as custom attributes
There are many user groups in the SQL database, so we don't want to
maintain them in AD.
Can someone please shed some light on this? Methods / examples /
documentation? We are kind of new to Keycloak.
Thanks and regards,
Weijun
More information about the keycloak-user
mailing list