First: Thanks for a great, well-designed solution. Keycloak looks like it is going to do
exactly what we need.
I do have a question though. If we use Google as an identity provider, is there a way to
“piggyback” on that authentication to be able to retrieve a token for accessing Google
Drive contents, for example, without the user having to log in again?
Here is my workflow:
1. User goes to our webserver.
2. User is presented a login page from Keycloak.
3. User clicks Google.
4. User logs into Google.
5. User is redirected back to Keycloak’s webpage.
6. User is redirected back to our webserver.
Now what we also want to do is use the workflow documented here:
https://developers.google.com/identity/protocols/OAuth2WebServer?hl=en to get a token for
Google Drive access.
Is this possible? Or am I doing something wrong? Or am I going about this the wrong
way? We need to authenticate the user in our Keycloak, but we also want to let the
user’s application directly access the user’s Google Drive data.
Thank you.
Reed Lewis