Hi all,
I'm in the process of migrating from an in-house user-role
storage to Keycloak and I'm looking for programmatic (Java)
ways to migrate all current users to the new storage. And I
need your help to figure out the best approach.
At first, when reading KC documentation, I believed I could
easily achieve this by implementing a User Federation provider
but after diving a little more into it, and looking for
examples, I can't see a way to migrate all users on-demand but
simply one user at a time, possible during log-in.
Next, I tried and look into ways, such as admin-cli, REST,
etc but nothing strikes me as the solution to use.
Here's what I was hoping to deliver:
* Get all roles and users from my soon-to-be deprecated
storage, e.g. MySQL tables
* Add roles to KC
* Iterate users and add user to KC + map roles + update
password hashes (here I know I need to implement a
HashProvider)
Any hints will be appreciated!
Pires