It is because their first login screen is just something asking for an
email. If the email doesn't exist as a user, they want a redirect to
the register page.
On 7/25/2014 5:08 AM, Stian Thorgersen wrote:
Yes, you can use the direct grant to retrieve a token.
I'd like to know why redirecting to the login form, when styled to match your
website, and using login_hint to pre-fill username/email doesn't work. Maybe
there's something we can do so that you can still use the "proper" flow?
----- Original Message -----
> From: "Rodrigo Sasaki" <rodrigopsasaki(a)gmail.com>
> To: "Stian Thorgersen" <stian(a)redhat.com>
> Cc: "Bill Burke" <bburke(a)redhat.com>, keycloak-user(a)lists.jboss.org
> Sent: Thursday, 24 July, 2014 6:13:17 PM
> Subject: Re: [keycloak-user] Authenticate user without using login page
>
> Sorry to keep insisting on this, but since it's being a huge showstopper so
> far, I just have to ask.
>
> If I don't mind trading off SSO and all the other benefits that the
> Keycloak login page provides me, would there be a way for me to do what I
> want?
>
>
> On Fri, Jul 18, 2014 at 5:44 AM, Stian Thorgersen <stian(a)redhat.com> wrote:
>
>> We could add support for login_hint query param so you can have the
>> username/email field on the login form pre-filled for the user, so once a
>> user has to authenticate you redirect to login on KC and all they would
>> have to do is enter their password.
>>
>> If you bypass the login forms you'd loose SSO, multi-factor support,
>> required actions, recover password, etc, etc, etc..
>>
>> As Bill mentioned we provide very flexible login forms that can be
>> templated using either just css or even FreeMarker templates if you need a
>> lot of customization, so you should be able to make the login form
>> integrate well with your website.
>>
>> ----- Original Message -----
>>> From: "Rodrigo Sasaki" <rodrigopsasaki(a)gmail.com>
>>> To: "Bill Burke" <bburke(a)redhat.com>
>>> Cc: keycloak-user(a)lists.jboss.org
>>> Sent: Thursday, 17 July, 2014 6:52:08 PM
>>> Subject: Re: [keycloak-user] Authenticate user without using login page
>>>
>>> You think there could be a way to do this within keycloak itself?
>>>
>>>
>>> On Wed, Jul 16, 2014 at 4:41 PM, Rodrigo Sasaki <
>> rodrigopsasaki(a)gmail.com >
>>> wrote:
>>>
>>>
>>>
>>> I'll give you an example:
>>>
>>> We have a situation in our website where we only ask for the user's
>> e-mail,
>>> and he can go on with the flow.
>>>
>>> On a determined step of the flow, if we identify that this is an e-mail
>> that
>>> we already have in our user database, we ask him for his password,
>>> authenticate him, and let him go on, if this e-mail is new, we redirect
>> him
>>> to a page where he can register himself, and after that continue on.
>>>
>>> On this specific case and others, we wouldn't like to have to redirect
>> him to
>>> keycloak, because that would interrupt the flow that we designed.
>>>
>>>
>>> On Wed, Jul 16, 2014 at 4:39 PM, Bill Burke < bburke(a)redhat.com >
wrote:
>>>
>>>
>>>
http://docs.jboss.org/ keycloak/docs/1.0-beta-3/
>>> userguide/html/direct-access- grants.html
>>>
>>> If you have to do it this way, please let us know why. Maybe we can
>> solve the
>>> issue within keycloak itself.
>>>
>>>
>>> On 7/16/2014 3:35 PM, Rodrigo Sasaki wrote:
>>>
>>>
>>>
>>> Just for the sake of conversation, if I did want to handle my own login
>>> page, would there be a way for me to do it?
>>>
>>>
>>> On Tue, Jul 15, 2014 at 2:35 PM, Rodrigo Sasaki
>>> < rodrigopsasaki(a)gmail.com <mailto: rodrigopsasaki@gmail. com >>
wrote:
>>>
>>> I don't want to miss out on all of that, which is why we're mostly
>>> migrating everything to use keycloak that way.
>>>
>>> It's just that we have cases that are so specific, that it would be
>>> better to authenticate the user in a different manner, create the
>>> user session and everything, without redirecting.
>>>
>>> I'll have a look at that code. Thanks!
>>>
>>>
>>> On Tue, Jul 15, 2014 at 2:19 PM, Bill Burke < bburke(a)redhat.com
>>> <mailto: bburke(a)redhat.com >> wrote:
>>>
>>> If you want to handle your own login pages, IMO, you are missing
>>> out on
>>> a lot of Keycloak features. Specifically:
>>>
>>> * SSO
>>> * forgot password
>>> * admin forced credential reset/setup
>>>
>>>
>>> Login pages can be styled however you like to look like your
>>> application.
>>>
>>> There is a REST api for obtaining an access token. Here is an
>>> example:
>>>
>>>
https://github.com/keycloak/ keycloak/blob/master/examples/
>>> demo-template/admin-access- app/src/main/java/org/
>>> keycloak/example/AdminClient. java
>>>
>>> On 7/15/2014 12:36 PM, Rodrigo Sasaki wrote:
>>>> Is there a way to authenticate the user without having to
>>> input username
>>>> and password on the login page?
>>>>
>>>> For example:
>>>>
>>>> Say there's a situation in my application where I request the
>>> user for
>>>> his username and password, and I wouldn't like to redirect
>>> that to the
>>>> keycloak login page to authenticate him, would there be a way
>>> for me to
>>>> do that?
>>>>
>>>> --
>>>> Rodrigo Sasaki
>>>>
>>>>
>>>> ______________________________ _________________
>>>> keycloak-user mailing list
>>>> keycloak-user(a)lists.jboss.org
>>> <mailto: keycloak-user@lists.
jboss.org >
>>>
>>>>
https://lists.jboss.org/ mailman/listinfo/keycloak-user
>>>>
>>>
>>> --
>>> Bill Burke
>>> JBoss, a division of Red Hat
>>>
http://bill.burkecentral.com
>>> ______________________________ _________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org <mailto: keycloak-user@lists.
jboss.org
>
>>>
>>>
https://lists.jboss.org/ mailman/listinfo/keycloak-user
>>>
>>>
>>>
>>>
>>> --
>>> Rodrigo Sasaki
>>>
>>>
>>>
>>>
>>> --
>>> Rodrigo Sasaki
>>>
>>> --
>>> Bill Burke
>>> JBoss, a division of Red Hat
>>>
http://bill.burkecentral.com
>>>
>>>
>>>
>>> --
>>> Rodrigo Sasaki
>>>
>>>
>>>
>>> --
>>> Rodrigo Sasaki
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
>
> --
> Rodrigo Sasaki
>