What I am trying to achieve is the following :
I have two realms with one client each. Let's call them realm A and realm B.
Users from realm B can access my application of realm A, because I added
realm B as a keycloak openid connect identity provider in realm A.
First time a user from real B access my realm A client, this creates a
user in realm A for this client, and I map some roles for this client.
So far so good. My issue now is : let's say my client initially had a
role R in realm B, and at first login this role was mapped for this user
in realm A, if the realm B admin remove role R from this user, I want
this role to be removed as well in realm A. Or added if a new role that
should be mapped was added.
Is there a way to update roles next time this user try to authenticate
in the realm A app ? Or should I use another mechanism to keep my roles
consistent between my realms ?
Thanks a lot in advance for your help.
Is there a way to retrieve the last login time of a given user?
I checked the Admin Console, Rest specification and the mysql DB structure
but couldn't find a place where that bit of information could be stored and
retrieved from. Have I missed a place or is that feature not available
Hi, when version 2.0.0.CR1 will be released?
Esta mensagem pode conter informa??o confidencial e/ou privilegiada. Se voc? n?o for o destinat?rio ou a pessoa autorizada a receber esta mensagem, n?o poder? usar, copiar ou divulgar as informa??es nela contidas ou tomar qualquer a??o baseada nessas informa??es. Se voc? recebeu esta mensagem por engano, por favor avise imediatamente o remetente, respondendo o e-mail e em seguida apague-o. Agradecemos sua coopera??o.
This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation
If reversing the order on the download archive page (
http://keycloak.jboss.org/downloads-archive.html) is a trivial task, I'd be
happy to see that occur. Most users are interested in the most recently
For brownie points: add a link to the changelog?
I’m starting to read about Keycloak and it’s functionalities and I’m wondering how can we make it act as the Captive Portal for our Wireless Network?
Since the users will have different services with a customer, Keycloak seems perfect because we can authenticate multiple applications with multiple identity providers aside of having internal registered customers, but one of these services will be the network access.
Maybe Keycloak can become a central point in my architecture.
Thanks in advance,
I have a client application, that will be using Keycloak for authentication
There are 2 instances of this application running on (lets say) service1
These 2 service instance are behind the load balancer. The load balancer
has sticky sessions on.
Now a user browses to the loadbalancer url, which in turn serves the
service instances, service1 or service2.
Now when the service instance pages are using keycloak.js to verify the
login, I dont get the loadbalancer URL as the redirect url value, rather
the redirect url is of the actual service instance URL on which the service
How do i use Keycloak for loadbalanced services?
Is there some specific setting, or setup of the server?
Please help and guide,
Thanks and cheers,