[keycloak-user] How to register new users without using admin API

[Eickhold Johannes (e)]

Does Keycloak provide a public REST API to create new users besides the admin API (http://www.keycloak.org/docs-api/3.4/rest-api/index.html#_users_resource)?
I know about the Keycloak registration form that is part of the OpenID Connect flow, but I don't want to use the redirects required during the OpenID Connect flows.

We considered using OpenID Connect using the implicit flow and "Resource Owner Password Credential Grant" from within an Angular SPA but do not see a possibility to let users create their own accounts in this scenario. What would be the recommended way to let users register themselves here?

In the previous mentioned scenario, I know that it's possible to authenticate a user using the "authorization_endpoint" which can be retrieved from the following endpoint:

/auth/realms/<real-name>/.well-known/openid-configuration

Is there an equivalent endpoint to register respectively to create a new user?

Other question:
How does Keycloak prevent attackers from excessively creating user accounts using the OpenID Connect flows if captchas are not activated?

Thanks in advance,
Johannes.

------------------------------------------------

 [cid:image001.jpg at 01D369E9.31D42700]   Leading Business IT Solutions

Bison Schweiz AG
Allee 1A
CH-6210 Sursee






Phone direct



+41 58 226 02 31

Phone



+41 58 226 00 00

Fax



+41 58 226 00 50


johannes.eickhold at bison-group.com <mailto:johannes.eickhold at bison-group.com>

www.bison-group.com<http://www.bison-group.com/>


-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 21761 bytes
Desc: image001.jpg
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20171130/7fd01e0e/attachment-0001.jpg