My company is aiming at building its own OpenId Connect provider, for our internal apps.

Thus we are looking for an open source framework. KeyCloak seems very good.

Unfortunatly, we have a problem, and I did not find if KeyCloak can solve it:

Our 'users' are store in an AD directory or in a database (postgree).

To sum up: if the user is not in the AD, then we should look in the databse .

Is this doable with Keylcloak??

Thanks.