Re: [keycloak-user] Keycloak customised credential model

We desire to create customised credential SPI for device fingerprinting. We developed an authenticator SPI but we got an issue about credential size. By default standard credential model limits the secret attribute to 4 KB. Our fingerprint requires around 30 KB. What is the best way to solve this issue ? Based on our research, I think there are 3 different approaches: 1. split the fingerprint in 4K blocks. Simple to develop but it will increase credential table entries by 8 ! Also, the 4K default size might change in a future release. 2. extend userstorage and credentialModel classes. I’m not sure of this solution as the users are local to Keycloak. 3. extend UsercredentialStore and create a new credential table. From my perspective, this should be the best solution but not sure it will be possible. I’ll be happy to get community advice. Thanks, _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user