Hello Guus,

I build something along the lines of: https://github.com/hawkular/hawkular-accounts/tree/master/keycloak-event-listener-jms

However you need to publish "normal" Keycloak events as well as AdminEvents which are fired when interacting via the Keycloak Admin REST interfaces, e.g. by using AdminConsole or the Admin-REST client.

When dealing with the AdminEvents be prepared to do a lot of string pattern matching against the associated REST resource-paths.

As an example for detecting whether an AdminEvent denotes a client-role assignment to a user you need to check the resourcePath for the following Pattern:

^users/(" + UUID_PATTERN_STRING + ")/role-mappings/clients/(" + UUID_PATTERN_STRING + ")

first uuid-group marks the userId the second one marks the clientId...

I think the AdminEvents should be enriched with some additional context information to ease the event matching in custom EventHandlers.

Cheers,

Thomas

2016-05-04 13:51 GMT+02:00 Guus der Kinderen <guus.der.kinderen@gmail.com>:

Hello all,

Can you suggest an approach (or better yet, an existing solution if one is available) for the following?

We have an application that is interested in events regarding user management. We would like it to be notified of user creation, modification and deletion that occurs within Keycloak.

Is there some kind of publish/subscribe mechanism available for this?

Our initial thought was to create a module for Keycloak, that would somehow register itself as an event listener, and subsequently transmit those events via the XMPP pub/sub mechanism (our software is XMPP-capable).

Thoughts?

Regards,

Guus

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user