Re: [keycloak-user] Google login without automatic user registration
That does look like it does what we would want. However, I don't think I
can add custom authenticators. I'm administering an Eclipse Che instance
which embeds Keycloak for it's authentication. Is there any other approach?
--Scott
On Wed, Jan 16, 2019 at 5:52 PM Dmitry Telegin <dt(a)acutus.pro> wrote:
Hi Scott,
I think Geoffrey Cleaves has done this with the help of custom
authenticator, please check out this thread:
http://lists.jboss.org/pipermail/keycloak-user/2018-December/016703.html
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Wed, 2019-01-16 at 14:12 -0500, Scott Thibault wrote:
> Out-of-the-box, the First Broker Login flow automatically registers
> non-existing users authenticated by an identity provider. I would not
like
> anyone with a valid Google account to be able to login, but only those
with
> existing accounts. However, any attempt to create a custom flow without
> the "Create User If Unique" item leads to an
error=invalid_user_credentials.
>
> Is there some solution that would allow me to prevent users without an
> existing account to login via the Google identity provider?
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user