[keycloak-user] register new user; redirect to specific client url

John Norris johnnorris-10 at outlook.com
Tue Sep 24 09:27:30 EDT 2019 

Thanks for this Marek.
 "Use the single redirect URL as an "entry point" of your application." How would the application know that it had come from new user registration? I already have a root URL set for the client?
What would be useful is if return from new user mapped to a particular endpoint. Could I raise that as an enhancement? So within keycloak client admin, with the allow registration switch, add an endpoint as well.
Regards
John

Get Outlook for Android<https://aka.ms/ghei36>

________________________________
From: Marek Posolda <mposolda at redhat.com>
Sent: Tuesday, September 24, 2019 1:28:17 PM
To: John Norris <johnnorris-10 at outlook.com>; keycloak-user at lists.jboss.org <keycloak-user at lists.jboss.org>
Subject: Re: [keycloak-user] register new user; redirect to specific client url

Not sure I understand the use-case 100% correctly, bu I think you can:

- Implement EventListener, which will allow you to do some callback when
registration of new user happens in Keycloak. For example add some role
or other data specific to your application to the DB used by your
application
- Use the single redirect URL as an "entry point" of your application.
Or eventually use something like servlet filter (if your application is
servlet based) or something similar. That may allow you to doublecheck
the content of the IDToken and check if the user is "known" to your DB
(then it's not new user) or it is unknown user (hence new registered
user). You can also check the "createdDate" of user in the token and
compare with current time .

Hopefully some of those options (or some slight variant of it) will work
for your use-case.

Marek

On 22. 09. 19 13:36, John Norris wrote:
> I have an app secured by keycloak. Going to a secured page brings up a keycloak login page and the correct user/password gives the expected results.
> Within the client, I have switched on user registation. So now the login page shows a register link, which displays another keycloak page allowing the user to register with name, username, email.
> This "works" in that the user is added to the keycloak user database. But the application displays the error page because a role is not mapped to that user in keycloak.
> What I would like to happen is to be able to add the new user to the apps own user database, associate a role with the user, perhaps do some verification of the user.
> So I don't really know what keycloak is sending back to the app except that it eventually leads to /error. Is there a way to tell keycloak after a new registration contact this url where things can happen within the app?
>
> I realise that I could set a default role. But I really want a way of telling keycloak to go to a specific URL after a new user registration is completed.
>
> Regards,
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list