Re: [keycloak-dev] Google redirect url
On Thu, Jan 14, 2016 at 9:48 AM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
On 13 January 2016 at 22:09, Thomas Raehalme <
thomas.raehalme(a)aitiofinland.com> wrote:
> Hi!
>
> Google doesn't accept wildcards in redirect URLs. This means I have to
> create a separate client for every realm in the Google console.
>
> Any chance we could have a shared redirect URL across realms? Maybe as an
> option in the federation configuration? Then I could share the same Google
> config for each tenant.
>
-1 The client in Google should be per-realm as otherwise you're also
sharing the config in Google (logo, contact email, etc) and also consent.
Also, all logic here is per-realm so it would be a fair bit of special code
to be able to support this.
I understand your points, but in a SaaS application with a realm per
tenant, it would simplify operations a great deal. You'd probably be
sharing the config in Google anyways.
For example, themes are also shared across realms so would it really be
such a big problem considering the advantages?
Best regards,
Thomas
Attachments:
- attachment.html (text/html — 1.9 KB)