[keycloak-user] Integration keycloak with application UI

Nalyvayko, Peter pnalyvayko at agi.com
Thu Nov 1 13:17:00 EDT 2018 

Chandra,

You may want to consider using resource owner password flow (direct grant in keycloak nomeclature) if you are absolutely bent on providing your own login pages. The flow is typically reserved for trusted clients so the users will have to trust your app 
My $0.02 
________________________________________
From: keycloak-user-bounces at lists.jboss.org [keycloak-user-bounces at lists.jboss.org] on behalf of Fox, Kevin M [Kevin.Fox at pnnl.gov]
Sent: Thursday, November 1, 2018 11:41 AM
To: Henning Waack; csekar at redhat.com
Cc: keycloak-user at lists.jboss.org
Subject: Re: [keycloak-user] Integration keycloak with application UI

One of the big selling points of oidc is that it removes the need for most components to ever handle a password. It centralizes that part to only the component that must handle it does. This offers significant security benefits. I would not try and work around this. Its an important feature.

Thanks,
Kevin
________________________________________
From: keycloak-user-bounces at lists.jboss.org [keycloak-user-bounces at lists.jboss.org] on behalf of Henning Waack [henning.waack at codecentric.de]
Sent: Thursday, November 01, 2018 4:26 AM
To: csekar at redhat.com
Cc: keycloak-user at lists.jboss.org
Subject: Re: [keycloak-user] Integration keycloak with application UI

Hi Chandra.

It is not recommended to not use the KC login pages. OIDC is build on
browser redirects (for browser applications). So you should just theme your
KC pages so that it fits with your CD and leave things as they are. See
https://lists.jboss.org/pipermail/keycloak-user/2016-December/008873.html
for example.

Greetings

Henning

Am Do., 1. Nov. 2018 um 06:37 Uhr schrieb K Chandra Sekar <csekar at redhat.com
>:

> Hey,
>
> I want to integrate application with Keycloak IAM system.I am trying to use
> KeyCloak to protect my application using OpenID connect.But I want to use
> application's login UI and don't want to direct user to keycloak login UI
> page to authenticate.Keycloak has Spring boot adapter which does the job it
> still it directs to the keycloak UI for login.I searched for any api to use
> from my app UI but i am nit getting anything and i am struck here.Kindly
> suggest me a a workaround or solution so that i can move
> forward.Anticipating a positive reply.
>
> Thanks and regards,
> K.Chandra Sekar
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>


--

Henning Waack | IT Consultant


codecentric AG | Hochstraße 11
<https://maps.google.com/?q=Hochstra%C3%9Fe+11%C2%A0+%7C+%C2%A0+42697+Solingen+%C2%A0%7CDeutschland&entry=gmail&source=g>
|
<https://maps.google.com/?q=Hochstra%C3%9Fe+11%C2%A0+%7C+%C2%A0+42697+Solingen+%C2%A0%7CDeutschland&entry=gmail&source=g>

<https://maps.google.com/?q=Hochstra%C3%9Fe+11%C2%A0+%7C+%C2%A0+42697+Solingen+%C2%A0%7CDeutschland&entry=gmail&source=g>42697
Solingen
<https://maps.google.com/?q=Hochstra%C3%9Fe+11%C2%A0+%7C+%C2%A0+42697+Solingen+%C2%A0%7CDeutschland&entry=gmail&source=g>
 |Deutschland
<https://maps.google.com/?q=Hochstra%C3%9Fe+11%C2%A0+%7C+%C2%A0+42697+Solingen+%C2%A0%7CDeutschland&entry=gmail&source=g>


tel: +49 (0)151 108 515 29

www.codecentric.de | blog.codecentric.de | www.meettheexperts.de

Sitz der Gesellschaft: Solingen | HRB 25917 | Amtsgericht Wuppertal

Vorstand: Michael Hochgürtel . Ulrich Kühn . Rainer Vehns
Aufsichtsrat: Patric Fedlmeier (Vorsitzender) . Klaus Jäger . Jürgen Schütz

Diese E-Mail einschließlich evtl. beigefügter Dateien enthält vertrauliche
und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige
Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie
bitte sofort den Absender und löschen Sie diese E-Mail und evtl.
beigefügter Dateien umgehend. Das unerlaubte Kopieren, Nutzen oder Öffnen
evtl. beigefügter Dateien sowie die unbefugte Weitergabe dieser E-Mail ist
nicht gestattet.
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user

_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list