[keycloak-user] Keycloak customised credential model
Mangna POUTOULI
mangna.poutouli at gmail.com
Wed Aug 1 08:25:48 EDT 2018
We desire to create customised credential SPI for device fingerprinting. We
developed an authenticator SPI but we got an issue about credential size.
By default standard credential model limits the secret attribute to 4 KB.
Our fingerprint requires around 30 KB. What is the best way to solve this
issue ? Based on our research, I think there are 3 different approaches:
1. split the fingerprint in 4K blocks. Simple to develop but it will
increase credential table entries by 8 ! Also, the 4K default size might
change in a future release.
2. extend userstorage and credentialModel classes. I’m not sure of this
solution as the users are local to Keycloak.
3. extend UsercredentialStore and create a new credential table.
>From my perspective, this should be the best solution but not sure it will
be possible. I’ll be happy to get community advice. Thanks,
More information about the keycloak-user
mailing list