E-Mail templates: list of possible parameters?
by Neujahr, Jana
Dear keycloak users,
for altering the keycloak e-mail templates it would be nice to know which parameters you can use in your FTL files. Is there a list somewhere?
If not, would you all kindly help to create a list for present and future users? I'd like to begin:
E-mail template parameters, in alphabetical order:
user.firstName (first name of concerned user)
user.lastName (last name of concerned user)
link (link for user action)
linkExpiration (expiration time oft he link)
linkExpirationFormatter (formatter for expiration time into days, hours, minutes)
event.date (date oft he triggered event)
event.ipAddress (IP address oft he user who triggered the event)
requiredActions (list oft he triggered Actions, String values)
realmName (name of the concerned realm)
code (?)
identityProviderAlias (alias of used identity provider, e.g. Facebook)
identityProviderContext.username (username of used identity provider)
Kindly yours
Jana
Treffen Sie GISA auf folgenden Veranstaltungen!
15.06.2018 WEBINAR: GISA 365 – Wie sieht Ihr Weg in die Cloud aus?
19.06.2018 Energieforen: Fachtag SAP HANA, Leipzig
19.-20.06.2018 PraxisForum Digitale Prozesse - GoBD & Püfungen, Leipzig
23.-24.10.2018 metering days 2018, Fulda
Aufsichtsratsvorsitzender: Norbert Rotter
Geschäftsführung: Michael Krüger
Sitz der Gesellschaft: Halle/Saale
Registergericht: Amtsgericht Stendal | Handelsregister-Nr. HRB 208414
UST-ID-Nr. DE 158253683
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Empfänger sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail oder des Inhalts dieser Mail sind nicht gestattet. Diese Kommunikation per E-Mail ist nicht gegen den Zugriff durch Dritte geschützt. Die GISA GmbH haftet ausdrücklich nicht für den Inhalt und die Vollständigkeit von E-Mails und den gegebenenfalls daraus entstehenden Schaden. Sollte trotz der bestehenden Viren-Schutzprogramme durch diese E-Mail ein Virus in Ihr System gelangen, so haftet die GISA GmbH - soweit gesetzlich zulässig - nicht für die hieraus entstehenden Schäden.
5 years, 11 months
SQRL (or similar)
by Mark Howells
I'm investigating requirements for a project that we're working on. We'd
like to implement a SQRL-like workflow for users. Basically, We have a
mobile application that goes to great lengths to identify the user. We'd
like to allow users to access web services via a PC by browsing to a login
page that shows a QR code and then scanning that code from within the app.
I'm aware of tiqr but I'm not sure how 'proprietary' that solution is (nor
how readily we absorb the tiqr app functionality into our own app)
.
Are there any projects around this area that we can consider or do we have
to roll our own.
Cheers, Mark
--
NOTICE AND DISCLAIMER
This email contains MJog information, which may be
privileged or confidential. It's meant only for the individual(s) or entity
named above. If you're not the intended recipient, note that disclosing,
copying, distributing or using this information is prohibited. If you've
received this email in error, please let me know immediately on the email
address above. Thank you.****
MJog Limited is a limited company registered
in England and Wales. Company Registration No: 2313464
Registered Office:
The Old School, 23 High Street, Wilburton, ELY, CB6 3RB
We monitor our
email system, and may record your emails.
5 years, 11 months
Wrong event after email verify started by REST (send-verify-email)
by pieter.dekinder@bricsys.com
Hi all,
We are using the REST API Keycloak to trigger an email verification email.
(.../send-verify-email)
When the verification process is done, the EVENT logged is a
CUSTOM_REQUIRED_ACTION event.
Email verification is not a customization, so it should probably be logged
as VERIFY_EMAIL.
Is this expected behaviour? Or can this be considered is as a bug?
Kind regards,
Pieter
5 years, 11 months
Fwd: Users in Multiple Realms
by S Mishra
Hello
Please excuse me if this has been asked before (I'm sure it has), and I
would be grateful if someone could point me to the right resources.
I have 2 realms, REALM1 and REALM2, in my local instance of KC.
I would like to validate and issue tokens for users who are members of a
particular group in another realm on the same server. I.e., In REALM2, I've
created a group e.g., REALM1-GROUP, and assigned users to this group, who I
want to be validated in REALM1.
How can I do this?
Thanks in advance.
Sam
5 years, 11 months
Keycloak Licence
by Pulkit Srivastava
Hi,
I need to know if there would be any legal/licence issues if i download
open source code for keycloak and deploy it after doing certain code level
changes.
I know the forum says its open source, but i just need to be sure before i
start using it.
Can anyone confirm that.?
Thanks,
Pulkit
5 years, 11 months
Keycloak and Citrix Storefront
by Otaño Pavo, Cesar
Good afternoon
Is it possible to use the configuration SAML SP "Citrix StoreFront" and IdP "Keycloak"?
Thank you very much
César
AVISO LEGAL
El contenido de este mensaje de correo electrónico, incluidos los ficheros adjuntos, es confidencial y está protegido por el secreto de las comunicaciones. Si usted recibe este mensaje por error, por favor notifique dicha circunstancia al remitente, borre el mensaje y no use, guarde, divulgue o copie su contenido.
LEGAL NOTICE
The contents of this email transmission and of any attached documents are confidential and are protected by the secrecy of correspondence. If you have received this message in error, please notify the sender and delete this message without using, storing, disclosing or copying its contents.
5 years, 11 months
Unable to verify Google certificate during reCaptcha verification
by G. Allegri
Hi,
I've configured Recaptcha for the registration form. It appears and works
fine from the browser side, but Keycloak cannot access the verification URL
[1] because the SSL Java chain cannot verify the certificate.
I've followed the guide in the docs [2] to configure the TrustStore (in
standalone mode), after having created the truststore and importing the
google cert. I've verified that keytool list the Google certificate
correctly, and I've double checked file paths and password, but I keep
receiving the following exception:
2018-06-05 13:06:35,921 ERROR [org.keycloak.services] (default task-9)
KC-SERVICES0028: Recaptcha failed: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1964)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322)
at
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1614)
at
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
(...)
I've also tried to set Djavax.net.ssl.trustStore=<path to my truststore>
when I launch the standalone.sh, but it neither works.
Do I miss something or am I doing something wrong?
Thanks,
Giovanni
[1]
https://github.com/keycloak/keycloak/blob/master/services/src/main/java/o...
[2]
https://www.keycloak.org/docs/latest/server_installation/index.html#_trus...
5 years, 11 months
Keycloak HA with NATIVE S3 Ping and JDBC Ping guide
by Min Han Lee
Hello,
I wondered if anyone can give me some pointer on how to implement KC HA
with NATIVE S3 Ping or JDBC Ping? I had some search in google but couldn't
find any good guides.
Thanks
Kind Regards
Neo Lee
5 years, 11 months
