Auth0 Lock alternative - keycloak-user - Jboss List Archives

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

Auth0 Lock alternative

kcadm - LDAP adding a variable as...

Need info for network security

Robert Smol

Tuesday, 31 July 2018 Tue, 31 Jul '18

10:26 a.m.

Hi, is there any similar project like Auth0 Lock? Something that would allow me to embed Keycloak's login page into my classical web app? Currently whenever I need to login the user, I forward him to Keycloak, but there are demands to show the login window directly on our webpage. Robert

Reply

Show replies by date

Eric B

Tuesday, 31 July Tue, 31 Jul

2:21 p.m.

I believe there are ways to embed keycloak in an iframe, but there are security implications of doing that. By default, I believe keycloak has some xframe options enabled to prevent precisely that. I haven't tried it myself yet, so i would be interested to know as well how easy it is to accomplish. Thanks Eric On Tue, Jul 31, 2018, 11:29 AM Robert Smol, <robert.smol(a)stereoit.com> wrote:

Hi, is there any similar project like Auth0 Lock? Something that would allow me to embed Keycloak's login page into my classical web app? Currently whenever I need to login the user, I forward him to Keycloak, but there are demands to show the login window directly on our webpage. Robert _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user

Reply

Marek Posolda

3:10 p.m.

Hi, you can either look at our Themes functionality if you want to customize look and feel of login page (See the docs and examples for the details). In this case, page will be still displayed by Keycloak server, just will have different L&F. Other possibility is to use OAuth2 Resource-Owner-Password-Credentials-Grant (Direct grant). In this case, you can create the form by yourself and then send the username+password in the separate HTTP Post request to Keycloak and Keycloak will return you back the tokens. Marek On 31/07/18 17:26, Robert Smol wrote:

Hi, is there any similar project like Auth0 Lock? Something that would allow me to embed Keycloak's login page into my classical web app? Currently whenever I need to login the user, I forward him to Keycloak, but there are demands to show the login window directly on our webpage. Robert _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user

Reply

Robert Smol

Wednesday, 1 August Wed, 1 Aug

3:38 a.m.

Marek thanks for hints, when building the form, how do I get to know which social providers are available? I mean on keycloak we have username+password + social providers form. I definitely need to allow the users to login with Facebook,Google+ and others. This is example of our customised form directly on the keycloak. http://account.eventival.me/auth/realms/test/protocol/openid-connect/auth... Robert On Tue, Jul 31, 2018 at 10:10 PM Marek Posolda <mposolda(a)redhat.com> wrote:

Hi, you can either look at our Themes functionality if you want to customize look and feel of login page (See the docs and examples for the details). In this case, page will be still displayed by Keycloak server, just will have different L&F. Other possibility is to use OAuth2 Resource-Owner-Password-Credentials-Grant (Direct grant). In this case, you can create the form by yourself and then send the username+password in the separate HTTP Post request to Keycloak and Keycloak will return you back the tokens. Marek On 31/07/18 17:26, Robert Smol wrote: > Hi, > > is there any similar project like Auth0 Lock? Something that would allow me > to embed Keycloak's login page into my classical web app? Currently > whenever I need to login the user, I forward him to Keycloak, but there are > demands to show the login window directly on our webpage. > > Robert > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user

-- stereoIT s.r.o. Heřmanova 23 107 00 Praha 7 mob: +420 776 76 23 78

Reply

Marek Posolda

3:41 a.m.

It is possible through admin REST API to know the available social providers. But this sounds like you're re-implementing Keycloak. If you have your own login form on application side, you need to figure social providers, but also other things (EG. forget password, registration of users). Having the form provided by Keycloak itself is really more recommended way for this. Marek On 01/08/18 10:38, Robert Smol wrote:

Marek thanks for hints, when building the form, how do I get to know which social providers are available? I mean on keycloak we have username+password + social providers form. I definitely need to allow the users to login with Facebook,Google+ and others. This is example of our customised form directly on the keycloak. http://account.eventival.me/auth/realms/test/protocol/openid-connect/auth... Robert On Tue, Jul 31, 2018 at 10:10 PM Marek Posolda <mposolda(a)redhat.com <mailto:mposolda@redhat.com>> wrote: Hi, you can either look at our Themes functionality if you want to customize look and feel of login page (See the docs and examples for the details). In this case, page will be still displayed by Keycloak server, just will have different L&F. Other possibility is to use OAuth2 Resource-Owner-Password-Credentials-Grant (Direct grant). In this case, you can create the form by yourself and then send the username+password in the separate HTTP Post request to Keycloak and Keycloak will return you back the tokens. Marek On 31/07/18 17:26, Robert Smol wrote: > Hi, > > is there any similar project like Auth0 Lock? Something that would allow me > to embed Keycloak's login page into my classical web app? Currently > whenever I need to login the user, I forward him to Keycloak, but there are > demands to show the login window directly on our webpage. > > Robert > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org> > https://lists.jboss.org/mailman/listinfo/keycloak-user -- stereoIT s.r.o. Heřmanova 23 107 00 Praha 7 mob: +420 776 76 23 78

Reply

Robert Smol

3:48 a.m.

Yes, exactly, that is why I was looking for any work on Auth0 Lock [1] alternative. I believe there are many use cases when you need to show the form directly on the website instead of redirecting to the page. For example here [2] we need to show some content next to login form. Would it be possible to somehow consider this as feature request in the roadmap? I believe we can even sponsor some coder work on this. [1] - https://auth0.com/lock [2] - https://vp.eventival.eu/jidff/2018 On Wed, Aug 1, 2018 at 10:41 AM Marek Posolda <mposolda(a)redhat.com> wrote:

It is possible through admin REST API to know the available social providers. But this sounds like you're re-implementing Keycloak. If you have your own login form on application side, you need to figure social providers, but also other things (EG. forget password, registration of users). Having the form provided by Keycloak itself is really more recommended way for this. Marek On 01/08/18 10:38, Robert Smol wrote: Marek thanks for hints, when building the form, how do I get to know which social providers are available? I mean on keycloak we have username+password + social providers form. I definitely need to allow the users to login with Facebook,Google+ and others. This is example of our customised form directly on the keycloak. http://account.eventival.me/auth/realms/test/protocol/openid-connect/auth... Robert On Tue, Jul 31, 2018 at 10:10 PM Marek Posolda <mposolda(a)redhat.com> wrote: > Hi, > > you can either look at our Themes functionality if you want to customize > look and feel of login page (See the docs and examples for the details). > In this case, page will be still displayed by Keycloak server, just will > have different L&F. > > Other possibility is to use OAuth2 > Resource-Owner-Password-Credentials-Grant (Direct grant). In this case, > you can create the form by yourself and then send the username+password > in the separate HTTP Post request to Keycloak and Keycloak will return > you back the tokens. > > Marek > > On 31/07/18 17:26, Robert Smol wrote: > > Hi, > > > > is there any similar project like Auth0 Lock? Something that would > allow me > > to embed Keycloak's login page into my classical web app? Currently > > whenever I need to login the user, I forward him to Keycloak, but there > are > > demands to show the login window directly on our webpage. > > > > Robert > > _______________________________________________ > > keycloak-user mailing list > > keycloak-user(a)lists.jboss.org > > https://lists.jboss.org/mailman/listinfo/keycloak-user > > > -- stereoIT s.r.o. Heřmanova 23 107 00 Praha 7 mob: +420 776 76 23 78

-- stereoIT s.r.o. Heřmanova 23 107 00 Praha 7 mob: +420 776 76 23 78

Reply

2334

days inactive

2335

days old

keycloak-user@lists.jboss.org

Manage subscription

5 comments

3 participants

tags (0)

participants (3)

Eric B
Marek Posolda
Robert Smol