At the moment we have an Authentication SPI that will let you easily authenticate users with your existing database of users. The first time a new user logs in using this approach a user will be pulled in to the Keycloak database. There's no documentation for this feature yet, but look at the SPI at https://github.com/keycloak/keycloak/tree/master/authentication/authentication-api and the implementation that uses the Keycloak model itself to authenticate at https://github.com/keycloak/keycloak/tree/master/authentication/authentication-model.
In the future we plan to provide a Sync SPI that will take this one step further and let you sync users (and roles) to/from an existing database.
However, if you plan to completely replace your current authentication system the cleanest solution may be to import your current user database into Keycloak once and for all. If you're interested in this approach let me know.
> _______________________________________________
----- Original Message -----
> From: "Rodrigo Sasaki" <rodrigopsasaki@gmail.com>
> To: keycloak-user@lists.jboss.org
> Sent: Wednesday, 14 May, 2014 8:52:07 PM
> Subject: [keycloak-user] Migrating Users Database
>
> Hi,
>
> I'm trying to replace my current authentication system with Keycloak, but I
> have one problem. I already have a database of users, populated with
> millions of records, and I wanted to make it work with Keycloak.
>
> What would be the best approach on this scenario? Should I migrate everything
> to the Keycloak tables, or try to make Keycloak understand my current
> database?
>
> Is there any recommendation on this matter? And if there is, some explanation
> or documentation?
>
> Thanks!
>
> --
> Rodrigo Sasaki
>
> keycloak-user mailing list
> keycloak-user@lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user