Re: [keycloak-user] Changing login form in OIDC Authorization Code Flow
We have Authentication SPI (see docs and example distribution for
details and directory "providers" in it).
We also have identityProvider SPI, which allows to redirect to external
OIDC, OAuth2 or SAML provider to authentication and then redirect back
to Keycloak. If your external service can communicate via some of these
protocols, you could be fine without even need to code any custom
authenticators.
Marek
On 10/02/17 09:35, Daniel Radzikowski wrote:
Hi,
I'm trying to use OpenID Connect interface provided by Keycloak and I've
got one doubt: is there any way to customize the login form returned by
Keycloak to /protocol/openid-connect/auth request in Authorization Code
Flow? By customizing I mean not only changing the page itself, but also the
way the form is processed, e.g. it would call external service and after
successful authentication, user would be redirected to redirect_uri with
code granted (assuming session in Keycloak was created somehow in the
meantime).
If there isn't as I guess, would it be acceptable to implement such a
feature and merge it? I suppose it would be compliant with OpenID Connect
Authorization Code Flow.