Re: [keycloak-user] Validate User Credentials Without Creating a Session

Hi Marek, Thanks for the suggestion. Could you maybe point me in the right direction there? I'm having some difficulties finding the actual place where credentials are checked in the Keycloak code and where the session is being created. Additionally I've looked the documentation (http://www.keycloak.org/docs/3.1/server_development/topics/extensions.html) but I'm having trouble understanding from that what these pieces described are actually for, where the entry point is, and how I can connect it to the actual Keycloak storage. I also don't really know how to actually integrate the endpoint into Keycloak once I have one built Regards, Scott ________________________________ From: Marek Posolda <mposolda(a)redhat.com&gt; Sent: Wednesday, January 24, 2018 1:59:05 PM To: Scott Finlay; keycloak-user(a)lists.jboss.org Subject: Re: [keycloak-user] Validate User Credentials Without Creating a Session Hi Scott, it's not available OOTB, but you can add your own REST endpoint to verify username/password. Or alternatively you can just do directGrant login (OAuth2 Resource Owner Password Credentials Grant) and then logout session. Marek On 23/01/18 09:49, Scott Finlay wrote: