We could add support for login_hint query param so you can have the username/email field
on the login form pre-filled for the user, so once a user has to authenticate you redirect
to login on KC and all they would have to do is enter their password.
If you bypass the login forms you'd loose SSO, multi-factor support, required actions,
recover password, etc, etc, etc..
As Bill mentioned we provide very flexible login forms that can be templated using either
just css or even FreeMarker templates if you need a lot of customization, so you should be
able to make the login form integrate well with your website.
----- Original Message -----
From: "Rodrigo Sasaki" <rodrigopsasaki(a)gmail.com>
To: "Bill Burke" <bburke(a)redhat.com>
Cc: keycloak-user(a)lists.jboss.org
Sent: Thursday, 17 July, 2014 6:52:08 PM
Subject: Re: [keycloak-user] Authenticate user without using login page
You think there could be a way to do this within keycloak itself?
On Wed, Jul 16, 2014 at 4:41 PM, Rodrigo Sasaki < rodrigopsasaki(a)gmail.com >
wrote:
I'll give you an example:
We have a situation in our website where we only ask for the user's e-mail,
and he can go on with the flow.
On a determined step of the flow, if we identify that this is an e-mail that
we already have in our user database, we ask him for his password,
authenticate him, and let him go on, if this e-mail is new, we redirect him
to a page where he can register himself, and after that continue on.
On this specific case and others, we wouldn't like to have to redirect him to
keycloak, because that would interrupt the flow that we designed.
On Wed, Jul 16, 2014 at 4:39 PM, Bill Burke < bburke(a)redhat.com > wrote:
http://docs.jboss.org/ keycloak/docs/1.0-beta-3/
userguide/html/direct-access- grants.html
If you have to do it this way, please let us know why. Maybe we can solve the
issue within keycloak itself.
On 7/16/2014 3:35 PM, Rodrigo Sasaki wrote:
Just for the sake of conversation, if I did want to handle my own login
page, would there be a way for me to do it?
On Tue, Jul 15, 2014 at 2:35 PM, Rodrigo Sasaki
< rodrigopsasaki(a)gmail.com <mailto: rodrigopsasaki@gmail. com >> wrote:
I don't want to miss out on all of that, which is why we're mostly
migrating everything to use keycloak that way.
It's just that we have cases that are so specific, that it would be
better to authenticate the user in a different manner, create the
user session and everything, without redirecting.
I'll have a look at that code. Thanks!
On Tue, Jul 15, 2014 at 2:19 PM, Bill Burke < bburke(a)redhat.com
<mailto: bburke(a)redhat.com >> wrote:
If you want to handle your own login pages, IMO, you are missing
out on
a lot of Keycloak features. Specifically:
* SSO
* forgot password
* admin forced credential reset/setup
Login pages can be styled however you like to look like your
application.
There is a REST api for obtaining an access token. Here is an
example:
https://github.com/keycloak/ keycloak/blob/master/examples/
demo-template/admin-access- app/src/main/java/org/
keycloak/example/AdminClient. java
On 7/15/2014 12:36 PM, Rodrigo Sasaki wrote:
> Is there a way to authenticate the user without having to
input username
> and password on the login page?
>
> For example:
>
> Say there's a situation in my application where I request the
user for
> his username and password, and I wouldn't like to redirect
that to the
> keycloak login page to authenticate him, would there be a way
for me to
> do that?
>
> --
> Rodrigo Sasaki
>
>
> ______________________________ _________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
<mailto: keycloak-user@lists.
jboss.org >
>
https://lists.jboss.org/ mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
______________________________ _________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org <mailto: keycloak-user@lists.
jboss.org >
https://lists.jboss.org/ mailman/listinfo/keycloak-user
--
Rodrigo Sasaki
--
Rodrigo Sasaki
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
--
Rodrigo Sasaki
--
Rodrigo Sasaki
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user