On Tue, Mar 17, 2015 at 1:41 PM Leonardo Loch Zanivan <
leonardo.zanivan(a)gmail.com> wrote:
Admin management isn't the case.
The problem is that social providers automatically "import" new users.
The social login buttons should be visible in login, but not add new users.
It could be a configuration per provider.
On Tue, Mar 17, 2015 at 12:15 PM Marek Posolda <mposolda(a)redhat.com>
wrote:
> On 17.3.2015 16:03, Stian Thorgersen wrote:
> >
> > ----- Original Message -----
> >> From: "Bill Burke" <bburke(a)redhat.com>
> >> To: keycloak-dev(a)lists.jboss.org
> >> Sent: Tuesday, March 17, 2015 3:56:23 PM
> >> Subject: Re: [keycloak-dev] Social login with user registration
> disabled
> >>
> >> Ho could we actually implement that. We're dependent on a UserModel
> >> existing after the social login.
> > If auto-provision was disabled we'd only allow users to login with a
> identity provider after they have linked the account with a provider. We
> can (and should) also make it possible for admins to add links (an admin
> would just need to know the provider-id and the external user-id to do
> that). Users that try to login without having an account already would just
> get an error.
> We have already admin REST endpoints to add/get/remove links. However in
> admin console UI, it's read-only at this moment (admin can see links,
> but can't add/remove them in UI).
>
> Marek
> >
> >> On 3/17/2015 10:54 AM, Stian Thorgersen wrote:
> >>> It's not directly linked to user registration. When a user logs in
the
> >>> first time with an external idp the user is automatically
> provisioned. We
> >>> can add an option on each identity provider to enable/disable
> >>> automatically provisioning of users. Please create a jira to request
> that.
> >>>
> >>> ----- Original Message -----
> >>>> From: "Leonardo Loch Zanivan"
<leonardo.zanivan(a)gmail.com>
> >>>> To: keycloak-dev(a)lists.jboss.org
> >>>> Sent: Tuesday, March 17, 2015 3:49:05 PM
> >>>> Subject: [keycloak-dev] Social login with user registration
disabled
> >>>>
> >>>> I have a requirement in a SaaS application to disable user
> registration,
> >>>> so
> >>>> only administrators can register new users.
> >>>>
> >>>> Users should be able to login with social providers such as Google+
> and
> >>>> Facebook. To allow this, each user could link in his profile.
> >>>>
> >>>> However, when I enable social login, new users are registred
> automatically
> >>>> to
> >>>> the realm. I don't think that right, since User Registration is
> disabled.
> >>>>
> >>>> :/
> >>>>
> >>>> _______________________________________________
> >>>> keycloak-dev mailing list
> >>>> keycloak-dev(a)lists.jboss.org
> >>>>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >>> _______________________________________________
> >>> keycloak-dev mailing list
> >>> keycloak-dev(a)lists.jboss.org
> >>>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >>>
> >> --
> >> Bill Burke
> >> JBoss, a division of Red Hat
> >>
http://bill.burkecentral.com
> >> _______________________________________________
> >> keycloak-dev mailing list
> >> keycloak-dev(a)lists.jboss.org
> >>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >>
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev(a)lists.jboss.org
> >
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>