Re: [keycloak-user] brokered-login only

Hi MJ, Not that I'm not affiliated with https://github.com/ohioit/keycloak-link-idp-with-user . You could use it, but you would have to make some tweaks to get it to work with the newer Keycloak. Note also that I'm not affiliated with Keycloak, either, but the question of whether to just tweak the theme to remove the username and password, or do what Marek describes in the quoted text below, depends on your use case, in my opinion. Is it just for convenience and reduced confusion that you want to prevent showing the username and password form to the users and show them instead only buttons for the available brokered login methods? If so, then a theme change would probably be fine. Would it be a violation of your security policy if a hacker users used fiddler or somesuch to tweak what the browser sends in order to login anyway with a username and password, even though you didn't include that form on your login Freemarker page? Then you'll probably want to change the flow itself as Marek suggests, to block that from happening. Regards, Peter -----Original Message----- From: lists [mailto:lists@merit.unu.edu] Sent: Tuesday, June 26, 2018 3:49 AM To: keycloak-user(a)lists.jboss.org Cc: pkboucher801(a)gmail.com Subject: Re: [keycloak-user] brokered-login only Hi Peter, On 25-6-2018 15:38, pkboucher801(a)gmail.com wrote: Regarding this auto-linking: I understand what you mean. Are you talking about this: https://github.com/ohioit/keycloak-link-idp-with-user Or is this functionality implemented in keycloak nowadays? (since the plugin above appears to be unmaintained...) MJ