I strongly disagree. With Keycloak you are logging in to a SSO realm, not
an individual application. With that in mind it's important that the login
screen reflects that. Users need to know the difference as it's an
important distinction. It just doesn't make any sense that I'm logged-in to
the SSO with a login screen that is themed to look like the login screen
for an individual application.
Adding an option on clients to set the theme just doesn't make any sense.
If we added the option to create SSO "zones" or disable SSO for individual
applications then it would make sense to be able to set theme on a per-zone
or apps that doesn't have SSO enabled.
On 31 December 2015 at 09:46, Travis De Silva <traviskds(a)gmail.com> wrote:
Hi,
My vote is to provide this feature at a client level as per the original
request.
I think realms should be used for completely different domains when we
want to isolate users etc. Should not try and use it for something that it
was not intended in the design.
The reason why you might need theming at client level is iif you really
think that clients which are essentially different applications most of the
time and each of these applications might have different look and feel
themes (either due to different development teams or vendors building
different applications).
So when someone logins via KeyCloak, its true that we are logging into a
realm but for an end user, it is really logging into a application and
there is a need for the login page theme to look similar to the application
look and feel.
Also I have a use case where I have a back office application that
requires login for admin users and then I have the front office of this
application where in addition to the admin users, you also can have other
users as well who can self register and login to the front end which is a
consumer facing site.
How I handle this is by having two clients in the same realm. This works
fine if you are happy with the same backend login theme to be there for the
consumer facing frontend. But we cannot do that as the front end is a
consumer facing SaaS site, so each front end needs to have the client's
website theme. This becomes very hard to do if we don't have theming at a
client level.
I came across this post from Bill a few months ago
http://lists.jboss.org/pipermail/keycloak-user/2015-July/002537.html
I am thinking to make use of the client variable that is available in
login.ftl and load different freemarker fragments that will then theme it
differently for each client. As mentioned by Bill, having many if
conditions might not be ideal but it might meet the requirement.
Cheers
Travis
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user