[keycloak-user] How to store and search for (standardized?) user attributes?
Marko Strukelj
mstrukel at redhat.com
Mon May 29 09:18:42 EDT 2017
I've never tried this myself, and we have no example for it, but in
principle you can copy some code from
https://github.com/keycloak/keycloak/blob/3.1.0.Final/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java#L206-L219
and
https://github.com/keycloak/keycloak/blob/3.1.0.Final/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java#L184-L209
So, you'll have to construct AdminAuth, and RealmAuth by yourself.
On Mon, May 29, 2017 at 2:37 PM, Guus der Kinderen <
guus.der.kinderen at gmail.com> wrote:
> Hi Marko,
>
> Thanks for the feedback. How do I obtain a RealmAuth reference to work
> with, when extending the REST api?
>
> Regards,
>
> Guus
>
> On 15 May 2017 at 16:38, Marko Strukelj <mstrukel at redhat.com> wrote:
>
>> There is a method for this:
>> https://github.com/keycloak/keycloak/blob/3.1.0.Final/server
>> -spi/src/main/java/org/keycloak/storage/user/UserQueryProvid
>> er.java#L134-L148
>>
>> But there is no Admin REST API through which it would be exposed.
>>
>> You can add your custom REST endpoint and implement your custom search
>> call there.
>> See:
>> https://github.com/keycloak/keycloak/tree/3.1.0.Final/exampl
>> es/providers/rest for example.
>>
>> You'd have to make sure to protect your endpoint so its only accessible
>> to admin client. See how /users endpoint does this:
>> https://github.com/keycloak/keycloak/blob/3.1.0.Final/servic
>> es/src/main/java/org/keycloak/services/resources/admin/
>> UsersResource.java#L675
>>
>>
>>
>> On Mon, May 15, 2017 at 3:44 PM, Guus der Kinderen <
>> guus.der.kinderen at gmail.com> wrote:
>>
>>> *gently moves question back to the top of the mailinglist*
>>>
>>> On 2 May 2017 at 13:54, Guus der Kinderen <guus.der.kinderen at gmail.com>
>>> wrote:
>>>
>>> > Hi!
>>> >
>>> > We'd like to be able to store somewhat standard user attributes that
>>> > complete the email, first and last name values that Keycloak 'natively'
>>> > stores. Think of things like a date of birth, home/work address, phone
>>> > number, etc. Additionally, we'd like to be able to find users based on
>>> a
>>> > search query. We'd like to be able to answer questions like: "how many
>>> > users live in London?"
>>> >
>>> > So far, we've found the user attributes, where we could store this
>>> > information. That is a very generic solution though. Are there
>>> standardized
>>> > attribute names, profiles, that we can use?
>>> >
>>> > A further challenge is that we'd like to be able to query the user
>>> base,
>>> > based on attributes. We'd like to find people by address, by date of
>>> birth,
>>> > etc. The REST API does have search functionality, but it doesn't look
>>> like
>>> > you can find users by attribute value.
>>> >
>>> > Can anyone recommend a course of action here?
>>> >
>>> > Regards,
>>> >
>>> > Guus
>>> >
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>
More information about the keycloak-user
mailing list