Update roles at login time between 2 realms
by Thibault Vernadat
Hello,
What I am trying to achieve is the following :
I have two realms with one client each. Let's call them realm A and realm B.
Users from realm B can access my application of realm A, because I added
realm B as a keycloak openid connect identity provider in realm A.
First time a user from real B access my realm A client, this creates a
user in realm A for this client, and I map some roles for this client.
So far so good. My issue now is : let's say my client initially had a
role R in realm B, and at first login this role was mapped for this user
in realm A, if the realm B admin remove role R from this user, I want
this role to be removed as well in realm A. Or added if a new role that
should be mapped was added.
Is there a way to update roles next time this user try to authenticate
in the realm A app ? Or should I use another mechanism to keep my roles
consistent between my realms ?
Thanks a lot in advance for your help.
10 years
Last Login Time of User
by Lohitha Chiranjeewa
Hi,
Is there a way to retrieve the last login time of a given user?
I checked the Admin Console, Rest specification and the mysql DB structure
but couldn't find a place where that bit of information could be stored and
retrieved from. Have I missed a place or is that feature not available
(yet)?
Regards,
Lohitha.
10 years
Version 2.0.0.CR1
by LEONARDO NUNES
Hi, when version 2.0.0.CR1 will be released?
--
Leonardo
________________________________
Esta mensagem pode conter informa??o confidencial e/ou privilegiada. Se voc? n?o for o destinat?rio ou a pessoa autorizada a receber esta mensagem, n?o poder? usar, copiar ou divulgar as informa??es nela contidas ou tomar qualquer a??o baseada nessas informa??es. Se voc? recebeu esta mensagem por engano, por favor avise imediatamente o remetente, respondendo o e-mail e em seguida apague-o. Agradecemos sua coopera??o.
This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation
10 years
Email format
by Bruno Palermo
Hi,
How can I choose between text and html for the e-mail messages?
Also is possible to include some custom fields on the template, such as user first name?
Thanks,
Bruno
10 years
Captive Portal with Keycloak for Wireless Routers
by Daniel Fuchs
Hi,
I’m starting to read about Keycloak and it’s functionalities and I’m wondering how can we make it act as the Captive Portal for our Wireless Network?
Since the users will have different services with a customer, Keycloak seems perfect because we can authenticate multiple applications with multiple identity providers aside of having internal registered customers, but one of these services will be the network access.
Maybe Keycloak can become a central point in my architecture.
Thanks in advance,
Daniel
10 years
Keycloak for Client services behind loadbalancers
by Subhrajyoti Moitra
Hello,
I have a client application, that will be using Keycloak for authentication
and authorization.
There are 2 instances of this application running on (lets say) service1
and service2.
These 2 service instance are behind the load balancer. The load balancer
has sticky sessions on.
Now a user browses to the loadbalancer url, which in turn serves the
service instances, service1 or service2.
Now when the service instance pages are using keycloak.js to verify the
login, I dont get the loadbalancer URL as the redirect url value, rather
the redirect url is of the actual service instance URL on which the service
is hosted.
How do i use Keycloak for loadbalanced services?
Is there some specific setting, or setup of the server?
Please help and guide,
Thanks and cheers,
Subhro.
10 years
