5:53 a.m.
I was wondering if it is somehow possible to map group memberships Google
hosted domains into Keycloak (e.g. as roles into an idtoken)?
This would be great since we already have been using groups in Google to
perform authorization in some apps so I know how to get them from the
Google API. I am already using the social provider for authentication so I
was wondering what SPI implementation or configuration/customization I'd
need to do in order to get this done.
Any pointers were to start would be very helpful. I am building Keycloak
from github "master".
Thanks
Thorsten
6:09 a.m.
It's not yet possible, but we plan to support this in a future release by allowing
mapping claims from external tokens
----- Original Message -----
From: "Thorsten" <thorsten315(a)gmx.de>
To: keycloak-user(a)lists.jboss.org
Sent: Monday, 30 March, 2015 12:53:33 PM
Subject: [keycloak-user] How to map Google groups to a token (e.g. as roles)?
I was wondering if it is somehow possible to map group memberships Google
hosted domains into Keycloak (e.g. as roles into an idtoken)?
This would be great since we already have been using groups in Google to
perform authorization in some apps so I know how to get them from the Google
API. I am already using the social provider for authentication so I was
wondering what SPI implementation or configuration/customization I'd need to
do in order to get this done.
Any pointers were to start would be very helpful. I am building Keycloak from
github "master".
Thanks
Thorsten
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3572
days inactive
3572
days old
1 comments
2 participants
participants (2)
-
Stian Thorgersen -
Thorsten