<div dir="ltr">Let me clarify the work flow.<div><br></div><div>organizer is a keyclock user. he schedules a webinar and an invitation mail will be sent to all participants(guest users). the mail will have webinarid/webinar secret. When participants(guest users) visits webinar portal it should ask for webinar Id/secret to authenticate.</div><div><br></div><div>How to achieve this with keycloak assuming two kinds of applications under same realm?</div><div><br></div><div>Thanks</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jan 18, 2016 at 1:58 PM, Naresh Kumar Reddy <span dir="ltr"><<a href="mailto:pnreddy.svu@gmail.com" target="_blank">pnreddy.svu@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">login is required but with custom fields like webinarId/webinar secret which are common for all guest users.</div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jan 18, 2016 at 1:45 PM, Stian Thorgersen <span dir="ltr"><<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Assuming by guest users you mean that no login is required then why does it need securing at all?</div><div class="gmail_extra"><br><div class="gmail_quote"><div><div>On 16 January 2016 at 02:53, Naresh Kumar Reddy <span dir="ltr"><<a href="mailto:pnreddy.svu@gmail.com" target="_blank">pnreddy.svu@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div><div dir="ltr">Hi,<div><br></div><div>We have two applications which provides webinar functionality.</div><div><br></div><div>1) Provisioning app-- Organizers provision webinar and manage their account. Since organizers are Keycloak users, I can secure provisioning app out of the box.</div><div><br></div><div>2) Webinar app-- The users of this app are organizers and participants. Participants are no more provisioned as Keycloack users. Those are guest users. </div><div><br></div><div> My question is how do we secure second app with keyclock?</div><div> </div><div><b><u> Note</u></b>: Both apps will be under same realm.</div><div><br></div><div>Is there anyway to secure with custom field like webinarId which is passed as a parameter?</div><div><br></div><div>Or something better solution?</div><div><br></div><div>Under same realm securing one app with keycloak users and other app with custom authentication?</div><div><br></div><div>Thanks for the great work.</div><div><br></div><div><br></div><div>Thanks & Regards</div><span><font color="#888888"><div>Naresh</div></font></span></div>
<br></div></div>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div>