Hi all,
A gentle reminder to my query regarding User SPI.
Regards,
Muein
On Wed, Nov 16, 2016 at 6:52 PM, Muein Muzamil <
shmuein+keycloak-dev(a)gmail.com> wrote:
Hi all,
We have implemented custom authenticators to integrate with an external
authentication API. After successful authentication, the API returns user
attributes back. Right now we save this user into DB as shown below, which
works well.
user = userFederationManager.addUser(context.getRealm(), username)
user.setEnabled(true);
mapUserAttributesToUserModel(user, userAttributes);
context.setUser(user);
We have some privacy and security related requirements because we which we
don't want to store user information in KeyCloak database for a longer
period. We were thinking to implement some scheduled job to clean up user
data from KeyCloak database but I noticed that in KeyCloak 2.3 new User SPI
is introduced which allows users to be pull in without sync in user into
KeyCloak database.
1. So I was wondering how can I use this SPI to avoid storing user
data in DB.
2. Can I imagine sticking user information in session and returning
user information from User SPI?
3. Do we have any sample implementations or documentation available
for User SPI?
Regards,
Muein