Thanks a lot for your response. I went through the chapter. What I
understand is we can create multiple executions (authentication providers)
but they are executed in a serial fashion in a fixed order defined. Is
there a way to be able to switch between them (so, not have it executed in
the default serial way but depending on the response we get from an
external service we called, we can switch to the corresponding one). Any
ideas?
On Tue, May 17, 2016 at 3:49 AM, Marek Posolda <mposolda(a)redhat.com> wrote:
The docs is here :
http://keycloak.github.io/docs/userguide/keycloak-server/html/auth_spi.html
We have also example for authentication SPI. Note that you can create
sub-flows in the "top" flow, which might be a way to split the
authenticator into multiple ones. For example see "Forms" flow in default
"Browser" flow. Also maybe you will need to implement some logic
programatically in your authenticators based on various conditions etc.
Depends on the usecase though...
Marek
On 16/05/16 23:52, Rashmi Singh wrote:
Hi,
I am looking for a way to do authentication provider chaining with
keycloak. Basically, I want to have multiple authentication providers,
example username, Suregrid etc. On submitting username, we call a service
and if that service tells us to use SureGrid, then we should be able to
pass control to the corresponding authentication provider. So basically, I
want to spilt one authentication provider into multiple and be able to
chain them based on the response from the service called. I have not found
any documentation that explains this. Could you suggest how to achieve this?
_______________________________________________
keycloak-dev mailing
listkeycloak-dev@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-dev