On 22/02/16 03:55, Sylvain Auger-Léger wrote:
Hi,
My company is aiming at building its own OpenID Connect provider, for
our internal apps.
Thus we are looking for an open source framework. KeyCloak seems very
good.
Unfortunately, we have a problem, and I did not find if KeyCloak can
solve it:
Our 'users' are stored in an AD directory or in a database (Postgres).
To sum up: if the user is not in the AD, then we should look in the
database.
So you have 2 sets of existing users, first set in AD and second set in
Postgres?
Yes, it is doable. You will need to write a federationProvider for CRUD
of users from/to your Postgres database (see docs and examples for details
on how to create a federationProvider). Then you can configure 2
federation providers in your realm: the first, with bigger priority, will
be the LDAP/AD provider, the second will be your provider for Postgres. We
already have support for LDAP/AD (again, see docs).
Marek
Is this doable with Keycloak?
Thanks.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
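
The lookup order described in the reply above (AD first, Postgres only when AD does not know the user), as an added example that is not part of the original thread and is not Keycloak's federation SPI. All names are hypothetical, the stores are constructed in-memory sets, and "lower number is consulted first" is an assumption of this model.

```python
from dataclasses import dataclass
from typing import Callable, Iterable, Optional


class BackendUnavailable(Exception):
    """The store could not be queried; not the same as 'user not found'."""


@dataclass(frozen=True)
class User:
    username: str
    source: str


@dataclass(frozen=True)
class Provider:
    name: str
    priority: int  # assumption of this model: lower number is consulted first
    lookup: Callable[[str], Optional[User]]


def find_user(providers: Iterable[Provider], username: str) -> Optional[User]:
    """Return the user from the first store, in priority order, that has it.
    Only a clean 'not found' (None) falls through; BackendUnavailable
    propagates, so an AD outage cannot let a same-named database row answer."""
    key = username.strip().lower()  # query every store with the same key
    for provider in sorted(providers, key=lambda p: p.priority):
        user = provider.lookup(key)
        if user is not None:
            return user
    return None


def store(source: str, names: set) -> Callable[[str], Optional[User]]:
    """Build a lookup function over a constructed in-memory user set."""
    return lambda name: User(name, source) if name in names else None


def ad_down(name: str) -> Optional[User]:
    raise BackendUnavailable("ad")


# Constructed sample data: "alice" exists in both stores on purpose.
PROVIDERS = [
    Provider("postgres", 1, store("postgres", {"alice", "bob"})),
    Provider("ad", 0, store("ad", {"alice"})),
]
```

A username present in both stores resolves to the AD record, and a directory outage surfaces as an error instead of quietly switching the account to the database copy.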