Re: [keycloak-user] Google login without automatic user registration

Hi Scott, On Fri, 2019-01-18 at 13:03 -0500, Scott Thibault wrote: > That does look like it does what we would want. However, I don't think I can add custom authenticators. I'm administering an Eclipse Che instance which embeds Keycloak for it's authentication. Is there any other approach? Just FYI, Che's embedded Keycloak is fully accessible [1], so it shouldn't be problematic install a single JS authenticator. [1] https://www.eclipse.org/che/docs/che-6/user-management.html Good luck, Dmitry > > --Scott > > > > On Wed, Jan 16, 2019 at 5:52 PM Dmitry Telegin <dt(a)acutus.pro&gt; wrote: > > Hi Scott, > > > > I think Geoffrey Cleaves has done this with the help of custom authenticator, please check out this thread: http://lists.jboss.org/pipermail/keycloak-user/2018-December/016703.html > > > > Cheers, > > Dmitry Telegin > > CTO, Acutus s.r.o. > > Keycloak Consulting and Training > > > > Pod lipami street 339/52, 130 00 Prague 3, Czech Republic > > +42 (022) 888-30-71 > > E-mail: info(a)acutus.pro > > > > On Wed, 2019-01-16 at 14:12 -0500, Scott Thibault wrote: > > > Out-of-the-box, the First Broker Login flow automatically registers > > > non-existing users authenticated by an identity provider. I would not like > > > anyone with a valid Google account to be able to login, but only those with > > > existing accounts. However, any attempt to create a custom flow without > > > the "Create User If Unique" item leads to an error=invalid_user_credentials. > > > > > > Is there some solution that would allow me to prevent users without an > > > existing account to login via the Google identity provider? > > > _______________________________________________ > > > keycloak-user mailing list > > > keycloak-user(a)lists.jboss.org > > > https://lists.jboss.org/mailman/listinfo/keycloak-user > >