Can I also check if Keycloak supports regular updates of user accounts? Since user account details can change from time to time, it would be nice to make Keycloak pull user account updates on a daily basis.

On 8 Mar 2016, at 14:41, Stian Thorgersen <sthorger@redhat.com> wrote:

Write a custom identity provider extending OIDCIdentityProvider and override getFederatedIdentity. See http://keycloak.github.io/docs/userguide/keycloak-server/html/providers.html on how to deploy to Keycloak. I would imagine you don't need 1 as the sub (UID) should be available in the access token.

On 8 March 2016 at 03:45, Eugene Chow <eugene.chow.ct@gmail.com> wrote:
Hi guys,

I need to make Keycloak authenticate against a custom-built OpenID endpoint that’s not under my control. Keycloak authenticates flawlessly. The “but” here is that the endpoint doesn’t implement a standard User Info endpoint, so Keycloak isn’t able to grab the user’s profile. Getting the user’s profile is a 2-step process.

1) Get the UID of the user from the standard User Info endpoint: https://custom.openid.io/openid/connect/v1/userinfo
2) Use the UID from Step 1 to obtain the real User Info from here: https://custom.openid.io/realuserinfo/v1/users

To make this happen, I have a feeling that I have to roll out my own identity provider and probably write a plugin using the Auth SPI. Could you please guide me in the right direction?

Thanks in advance!
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user