I think that many companies will want to manage keypairs/certificates
themselves. I'm thinking that we'll want to have an option for users to
set up client-certs themselves. For example, think of OTP. We have a
switch that requires the user to set up OTP when then log in. We could
provide the same for client certs where the user uploads their
certificate the first time they log in.
On 2/17/2015 4:12 AM, Giriraj Sharma wrote:
Hi,
To support *first/initial cut of certificate management *for realm
users, we can have keys and X509 Certificate generation for each
individual user at the time of its creation. This will imply for realm
admin too.
While viewing an individual user for any specific realm in
administrative console, we can have Keys View in addition to Attributes,
Credentials, Role Mappings and Sessions. Keys View (UI) will let user
retrieve, validate, revoke, renew(revoke+generate) and delete(optional)
his keys/Certificates.
If it makes sense, I shall start working around it.
--
Giriraj Sharma,
Department of Computer Science
National Institute of Technology Hamirpur
Himachal Pradesh, India
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com