Re: [keycloak-user] Get magic link for users to login

Hi recently i implemented almost same feature for our environment. I've done it via custom Authenticator implementation. This authenticator is injected in browser authentication flow as alternative execution just before cookie execution, and check request link whether he should authenticate user by this link. Here some snippet: @Override public void authenticate(AuthenticationFlowContext context) { MultivaluedMap<String, String> queryParams = context.getHttpRequest().getUri().getQueryParameters(); // If uri doesn't contain appropriate query params this flow is not applicable, // so we pass it by to other flow chain if (!(queryParams.containsKey("marker") && queryParams.containsKey("userId"))) { context.attempted(); return; } // Extract params from request String userId = queryParams.getFirst("userId"); String marker = queryParams.getFirst("marker"); RealmModel realm = context.getSession().getContext().getRealm(); UserModel user = context.getSession().users().getUserById(userId, realm); // If user state doesn't match requirements this flow is not applicable, // so we pass it by to other flow chain if (checkConditions(user, marker, otherStruff)) { // User could be authenticated context.setUser(user); context.success(); } else { context.attempted(); } } On 18.04.2017 19:09, Martin Johansson wrote: > Hi! > > We want to achieve the following: > > Expose a REST endpoint where an authenticated client can retrieve a magic > login link for a specific user. We have an ID in the attributes for the > user which enables us to get the correct user. > > The reason for this is that we need to expose the possibility to send > e-mails from other systems than Keycloak. We have other ways of composing > the e-mails. > > So wanted final state is that a user can click a link in his e-mail client > and be redirected to our app and be logged in. > > BR, > Martin > > ---------- Forwarded message ---------- >> From: Ilya Korol <llivezking(a)gmail.com&gt; >> To: keycloak-user(a)lists.jboss.org >> Cc: >> Bcc: >> Date: Fri, 14 Apr 2017 15:59:10 +1000 >> Subject: Re: [keycloak-user] Get magic link for users to login >> Hi, could you explain more detailed what you want to achieve? As for my >> team we also implemented custom rest endpoint, which send customized emails >> to users. Check out org.keycloak.services.resources.admin.UsersResource >> for details of default link constructing. (methods: resetPasswordEmail(), >> executeActionsEmail(), sendVerifyEmail()) >> >> >> On 13.04.2017 17:54, Martin Johansson wrote: >> >>> Is it possible to retrieve the magic link that are sent by e-mail via the >>> Java >>> API? We have implemented an SPI with a REST interface and would like to >>> get >>> the link for usage in custom e-mails. >>> Any hints which provider to be used is much appreciated. >>> >>> Regards, >>> Martin >>> _______________________________________________ >>> keycloak-user mailing list >>> keycloak-user(a)lists.jboss.org >>> https://lists.jboss.org/mailman/listinfo/keycloak-user >>> >> _______________________________________________ >> keycloak-user mailing list >> keycloak-user(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/keycloak-user >> > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user