[keycloak-user] Document how to generate a custom signed JWT when user is authenticated

[HILEM Youcef]

Hi,

I do not find documentation that provides instructions on how to implement
a custom JWT for Keycloack.

My need is to create Custom Tokens for Google Firestore (
https://firebase.google.com/docs/auth/admin/create-custom-tokens).


Firebase gives you complete control over authentication by allowing you to
authenticate users or devices using secure JSON Web Tokens (JWTs). You
generate these tokens on your server, pass them back to a client device,
and then use them to authenticate via the signInWithCustomToken() method.

To achieve this, you must create a server endpoint that accepts sign-in
credentials—such as a username and password—and, if the credentials are
valid, returns a custom JWT. The custom JWT returned from your server can
then be used by a client device to authenticate with Firebase (iOS
<https://firebase.google.com/docs/auth/ios/custom-auth/>, Android
<https://firebase.google.com/docs/auth/android/custom-auth/>, web
<https://firebase.google.com/docs/auth/web/custom-auth/>). Once
authenticated, this identity will be used when accessing other Firebase
services, such as the Firebase Realtime Database and Cloud Storage.
Furthermore, the contents of the JWT will be available in the auth object
in yourFirebase Realtime Database Security Rules
<https://firebase.google.com/docs/database/security/> and the
request.auth object
in your Cloud Storage Security Rules
<https://firebase.google.com/docs/storage/security/>.

You can create a custom token with the Firebase Admin SDK, or you can use a
third-party JWT library if your server is written in a language which
Firebase does not natively support.


Thanks

Youcef HILEM