<div dir="ltr">Write a custom identity provider extending OIDCIdentityProvider and override getFederatedIdentity. See <a href="http://keycloak.github.io/docs/userguide/keycloak-server/html/providers.html">http://keycloak.github.io/docs/userguide/keycloak-server/html/providers.html</a> on how to deploy to Keycloak. I would imagine you don't need 1 as the sub (UID) should be available in the access token.</div><div class="gmail_extra"><br><div class="gmail_quote">On 8 March 2016 at 03:45, Eugene Chow <span dir="ltr"><<a href="mailto:eugene.chow.ct@gmail.com" target="_blank">eugene.chow.ct@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi guys,<br>
<br>
I need to make Keycloak authenticate against a custom-built OpenID endpoint that’s not under my control. Keycloak authenticates flawlessly. The “but” here is that the endpoint doesn’t implement a standard User Info endpoint, so Keycloak isn’t able to grab the user’s profile. Getting the user’s profile is a 2-step process.<br>
<br>
1) Get the UID of the user from the standard User Info endpoint: <a href="https://custom.openid.io/openid/connect/v1/userinfo" rel="noreferrer" target="_blank">https://custom.openid.io/openid/connect/v1/userinfo</a><br>
2) Use the UID from Step 1 to obtain the real User Info from here: <a href="https://custom.openid.io/realuserinfo/v1/users" rel="noreferrer" target="_blank">https://custom.openid.io/realuserinfo/v1/users</a><br>
<br>
To make this happen, I have a feeling that I have to roll out my own identity provider and probably write a plugin using the Auth SPI. Could you please guide me in the right direction?<br>
<br>
Thanks in advance!<br>
_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></blockquote></div><br></div>