9:49 a.m.
Hi,
Does keycloak provide an api that can generate a link for you to click on
and redirect you to let say github and login.
Let me sight an example, we have an application that is secured with
keycloak, we want to allow users to be able to login to the app using
github, facebook and google without having to go to the keycloak page in
any way.
What we want to do is, when the login page is called, the controller
generates the URI and is bound to the model. This model value is placed in
a particular social login button.
Any other suggestion is welcome.
Thank you.
10:43 a.m.
Many identity providers are supported out of the box with keycloak
including Facebook, GitHub, GitLab, BitBucket, OpenShift, Microsoft, and
LinkedIn to name a few. There are instructions for each respective provider
and if you have another identity provider who implements the OIDC protocol
they should work too provided they strictly adhere to the OIDC protocol.
Please see the following link from the official documentation.
https://www.keycloak.org/docs/latest/server_admin/index.html#social-ident...
Best regards,
Justin Gross
On Sat, Jun 29, 2019, 3:50 AM Yor Men <yormen1(a)gmail.com> wrote:
Hi,
Does keycloak provide an api that can generate a link for you to click on
and redirect you to let say github and login.
Let me sight an example, we have an application that is secured with
keycloak, we want to allow users to be able to login to the app using
github, facebook and google without having to go to the keycloak page in
any way.
What we want to do is, when the login page is called, the controller
generates the URI and is bound to the model. This model value is placed in
a particular social login button.
Any other suggestion is welcome.
Thank you.
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
10:52 a.m.
Apologies, I just re-read your email.
I don't believe there is a built-in API to retrieve some special link that
completely bypasses Keycloak during authentication but even if there was
you would have to redirect to Keycloak at some point to complete the login.
That being said you might be able to implement a new authorization flow
which provides this functionality and then add a custom resource with an
API (as a Keycloak module) which can generate your link which initiates the
custom auth flow.
Maybe you don't need a login flow and can instead just make the Keycloak
resource/module. I'd look at how the login page generates the login buttons
it provides (and payload it uses) and then create the API you want which
does the same thing but without a UI as Keycloak module.
Just food for thought.
Sorry for replying in haste previously.
Thank you,
Justin Grosz
On Sat, Jun 29, 2019, 3:50 AM Yor Men <yormen1(a)gmail.com> wrote:
Hi,
Does keycloak provide an api that can generate a link for you to click on
and redirect you to let say github and login.
Let me sight an example, we have an application that is secured with
keycloak, we want to allow users to be able to login to the app using
github, facebook and google without having to go to the keycloak page in
any way.
What we want to do is, when the login page is called, the controller
generates the URI and is bound to the model. This model value is placed in
a particular social login button.
Any other suggestion is welcome.
Thank you.
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
12:33 p.m.
If I understood you correctly, then you want to skip the Keycloak login
page and take the user directly to the login page
of another configured identity provider.
If you configured an external Identity Provider in Keycloak, e.g. github
with the alias "github"
then you could pass it via the "kc_idp_hint" parameter to the login URL.
This will instruct Keycloak to skip the Keycloak login page and take the
user straight to the github login.
E.g.:
http://sso.tdlabs.local:8899/u/auth/realms/acme/protocol/openid-connect/a...
See:
https://www.keycloak.org/docs/latest/securing_apps/index.html#_params_for...
Cheers,
Thomas
On Sat, 29 Jun 2019 at 10:53, Justin Gross <jgross.biz(a)gmail.com> wrote:
Apologies, I just re-read your email.
I don't believe there is a built-in API to retrieve some special link that
completely bypasses Keycloak during authentication but even if there was
you would have to redirect to Keycloak at some point to complete the login.
That being said you might be able to implement a new authorization flow
which provides this functionality and then add a custom resource with an
API (as a Keycloak module) which can generate your link which initiates the
custom auth flow.
Maybe you don't need a login flow and can instead just make the Keycloak
resource/module. I'd look at how the login page generates the login buttons
it provides (and payload it uses) and then create the API you want which
does the same thing but without a UI as Keycloak module.
Just food for thought.
Sorry for replying in haste previously.
Thank you,
Justin Grosz
On Sat, Jun 29, 2019, 3:50 AM Yor Men <yormen1(a)gmail.com> wrote:
> Hi,
>
> Does keycloak provide an api that can generate a link for you to click on
> and redirect you to let say github and login.
>
> Let me sight an example, we have an application that is secured with
> keycloak, we want to allow users to be able to login to the app using
> github, facebook and google without having to go to the keycloak page in
> any way.
>
> What we want to do is, when the login page is called, the controller
> generates the URI and is bound to the model. This model value is placed
in
> a particular social login button.
>
> Any other suggestion is welcome.
>
> Thank you.
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
10:10 p.m.
Yes, thank you very much.
It worked finally, really like the work this team is doing.
Cheers
On Mon, Jul 1, 2019 at 10:33 AM Thomas Darimont <
thomas.darimont(a)googlemail.com> wrote:
If I understood you correctly, then you want to skip the Keycloak
login
page and take the user directly to the login page
of another configured identity provider.
If you configured an external Identity Provider in Keycloak, e.g. github
with the alias "github"
then you could pass it via the "kc_idp_hint" parameter to the login URL.
This will instruct Keycloak to skip the Keycloak login page and take the
user straight to the github login.
E.g.:
http://sso.tdlabs.local:8899/u/auth/realms/acme/protocol/openid-connect/a...
See:
https://www.keycloak.org/docs/latest/securing_apps/index.html#_params_for...
Cheers,
Thomas
On Sat, 29 Jun 2019 at 10:53, Justin Gross <jgross.biz(a)gmail.com> wrote:
> Apologies, I just re-read your email.
>
> I don't believe there is a built-in API to retrieve some special link that
> completely bypasses Keycloak during authentication but even if there was
> you would have to redirect to Keycloak at some point to complete the
> login.
>
> That being said you might be able to implement a new authorization flow
> which provides this functionality and then add a custom resource with an
> API (as a Keycloak module) which can generate your link which initiates
> the
> custom auth flow.
>
> Maybe you don't need a login flow and can instead just make the Keycloak
> resource/module. I'd look at how the login page generates the login
> buttons
> it provides (and payload it uses) and then create the API you want which
> does the same thing but without a UI as Keycloak module.
>
> Just food for thought.
>
> Sorry for replying in haste previously.
>
> Thank you,
> Justin Grosz
>
> On Sat, Jun 29, 2019, 3:50 AM Yor Men <yormen1(a)gmail.com> wrote:
>
> > Hi,
> >
> > Does keycloak provide an api that can generate a link for you to click
> on
> > and redirect you to let say github and login.
> >
> > Let me sight an example, we have an application that is secured with
> > keycloak, we want to allow users to be able to login to the app using
> > github, facebook and google without having to go to the keycloak page in
> > any way.
> >
> > What we want to do is, when the login page is called, the controller
> > generates the URI and is bound to the model. This model value is placed
> in
> > a particular social login button.
> >
> > Any other suggestion is welcome.
> >
> > Thank you.
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev(a)lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
5:18 p.m.
New subject: Additional authentication protocol support
Hello,
I have just become aware of keycloak as a platform we utilize has replaced their regular
Unix/Linux PAM with keycloak.
My question is whether or not it would be possible for the project to add RADIUS,
Diameter, and most desirably TACACS+ protocol support as methods to the keycloak PAM
agent.
Regards,
Martin
1759
days inactive
1762
days old
5 comments
4 participants
participants (4)
-
Justin Gross -
Martin Maher -
Thomas Darimont -
Yor Men