On Fri, Mar 20, 2015 at 8:58 AM, Marek Posolda <mposolda@redhat.com> wrote:
Yes, Keycloak also verified during each authentication (or interaction with the UserModel) if user still exists in your backend and it's removed from Keycloak DB if not.

Normally user is synced to Keycloak DB after successful login (your step 4), but you can also sync all your users from your storage at once or setup periodic sync.

HI Marek

Thanks for your help with this.
Ideally, what we would like is to have keycloak do all user-management - that is, migrate all users out of our custom application and store them in Keycloak. 
This would slim down our application, and avoid having to custom provider. 

Is this possible?



Anton Hughes