<div dir="ltr">Adding list back<div><br></div><div>For your use-case user federation is not the way to go. As I said it's been designed to pull users from an external datasource into Keycloak, not to sync users into your application.</div><div><br></div><div>You have two options really:</div><div><br></div><div>a) Add users when the login to your application. All the details you need about the user can be added to the token and you should only store what your application needs when the user is not around, the rest you can retrieve from the token. This is the simplest and I'd recommend this</div><div>b) Add an event listener that notifies your application when new users register (if you have registration enabled) and when admins create users<br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On 4 May 2016 at 09:44, Juan Diego <span dir="ltr"><<a href="mailto:juandiego83@gmail.com" target="_blank">juandiego83@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><p dir="ltr">It is more a question of design, I think. I have my app with its own database, it has a table users with a relation one to many to another table let's call it songs. The only reason I have the table users in my app is because I need a way to know which songs belong to my users. I am using keycloak to manage my login. <br>
I asked a while a long how people handle this and someone referred to custom federation providers. <br>
My question is really regarding how to handle the relations of your data when you have your users in a different database from the rest of your data. </p>
<p dir="ltr">So far I can only think on 3 ways to solve this<br>
1) providers syncing users from keycloak to my database replicating user ID. I managed to make this work on my provider at the end, before you told me providers are not meant for this. <br>
2) managing users in my own app. By this I mean I wouldn't use keycloak web interface to create or delete users. I have a form to create users in my app, and when I save the data it connects to keycloak s rest api creates a user if it works it copies username email and the Id generated by keycloak to my local table users<br>
3) adding users in keycloak first then if they logging for the first time add the user to the database </p>
<p dir="ltr">So far I was doing the 2nd option, it seems the best suited. Is there another way to maintain data relation with keycloak</p><div class="HOEnZb"><div class="h5">
<div class="gmail_quote">El may. 4, 2016 1:08 AM, "Stian Thorgersen" <<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>> escribió:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Not sure I'm following. Keycloak can sync users created from your database, but it can't write users back. New users created in Keycloak directly are only stored in Keycloaks database.</div><div class="gmail_extra"><br><div class="gmail_quote">On 29 April 2016 at 23:52, Juan Diego <span dir="ltr"><<a href="mailto:juandiego83@gmail.com" target="_blank">juandiego83@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">So The recommend way would be to create my own user administrator and when I create a user it will create a user on keycloak via keycloak s rest api.<div><div><br><br><br><div><div class="gmail_extra"><div class="gmail_quote">On Thu, Apr 28, 2016 at 11:21 PM, Stian Thorgersen <span dir="ltr"><<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">User federation isn't designed to push users created in Keycloak to the database. It only supports syncing users that are created in the database.</div><div class="gmail_extra"><br><div class="gmail_quote"><div><div>On 27 April 2016 at 18:55, Juan Diego <span dir="ltr"><<a href="mailto:juandiego83@gmail.com" target="_blank">juandiego83@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div><div dir="ltr"><div><div><div>I was checking the example for federation-properties-example. In both examples when you sync all users, it just checks for the users in the properties file and adds it to keycloak if it doesnt exist.<br></div>If I want to do it both ways, so it adds users from keycloak to my database, and users from my database to keycloak. Should I add them here? I am not managing any password on my database, so i just need user id and username and maybe email.<br><br></div>Also when I add a new user I can tell that syncronizeRegistrations() is being called but it is null. In order to create a new user in my database, should I call a create user function to my database here.<br><br></div>Thanks,<br><br><br></div>
<br></div></div>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div>
</blockquote></div><br></div></div></div></div></div>
</blockquote></div><br></div>
</blockquote></div>
</div></div></blockquote></div><br></div>