12:13 p.m.
Hello,
I was wondering if there is a plan (or maybe something already built) for
native mobile authentication with Keycloak.
Right now we need to redirect the user to a web view so he can interface
with Keycloak to login, and from there on he can use the app normally, but
is there something native for this? We're trying to find ways to use the
smartphone's native authentication systems to login the users, and so far
we haven't been able to make it work.
Have you thought of something along those lines?
Thank you.
--
Rodrigo Sasaki
12:32 p.m.
Sorry, I wasn't clear enough. The problem we're having is with social logins
When we have to login a user via social links (Google or Facebook) we need
to send him to a webview, because Keycloak communicates with the social
networks via the default flows we already have implemented.
But from a mobile standpoint this could be improved, because the user can
alerady have a Google account and/or a Facebook account on his mobile
device. So that could be used instead of making the user login again on a
webview.
The idea is to send the social information we already have on the mobile
device to Keycloak and get a token in return (we can do this with
username/password today).
The ideal thing would be a SDK for this that would (for example) be
instantiated with URI and client_id, and would provide a method for login.
I know this might not be in your roadmap for any time soon, but I'd like to
know if you have thought about any of this.
This provides a very different user experience for the user, and I think
this feature would be appreciated by many.
Thank you all again!
Rodrigo Sasaki
On Wed, Nov 26, 2014 at 4:13 PM, Rodrigo Sasaki <rodrigopsasaki(a)gmail.com>
wrote:
Hello,
I was wondering if there is a plan (or maybe something already built) for
native mobile authentication with Keycloak.
Right now we need to redirect the user to a web view so he can interface
with Keycloak to login, and from there on he can use the app normally, but
is there something native for this? We're trying to find ways to use the
smartphone's native authentication systems to login the users, and so far
we haven't been able to make it work.
Have you thought of something along those lines?
Thank you.
--
Rodrigo Sasaki
--
Rodrigo Sasaki
1:39 a.m.
Hi,
It's something we've discussed in the past. It would work, but it's not very
elegant as a lot of the logic would be pushed onto the native app. Our core aim with
Keycloak is to make security easy for folks.
That being said are you using the direct grant api to exchange a username/password for a
token? We could probably allow using the direct grant api and pass a token instead of a
username/password.
Added AeroGear mailing list as they're working on mobile adapters for Keycloak.
----- Original Message -----
From: "Rodrigo Sasaki" <rodrigopsasaki(a)gmail.com>
To: keycloak-user(a)lists.jboss.org
Sent: Wednesday, 26 November, 2014 7:32:38 PM
Subject: Re: [keycloak-user] Mobile Authentication API
Sorry, I wasn't clear enough. The problem we're having is with social logins
When we have to login a user via social links (Google or Facebook) we need to
send him to a webview, because Keycloak communicates with the social
networks via the default flows we already have implemented.
But from a mobile standpoint this could be improved, because the user can
alerady have a Google account and/or a Facebook account on his mobile
device. So that could be used instead of making the user login again on a
webview.
The idea is to send the social information we already have on the mobile
device to Keycloak and get a token in return (we can do this with
username/password today).
The ideal thing would be a SDK for this that would (for example) be
instantiated with URI and client_id, and would provide a method for login. I
know this might not be in your roadmap for any time soon, but I'd like to
know if you have thought about any of this.
This provides a very different user experience for the user, and I think this
feature would be appreciated by many.
Thank you all again!
Rodrigo Sasaki
On Wed, Nov 26, 2014 at 4:13 PM, Rodrigo Sasaki < rodrigopsasaki(a)gmail.com >
wrote:
Hello,
I was wondering if there is a plan (or maybe something already built) for
native mobile authentication with Keycloak.
Right now we need to redirect the user to a web view so he can interface with
Keycloak to login, and from there on he can use the app normally, but is
there something native for this? We're trying to find ways to use the
smartphone's native authentication systems to login the users, and so far we
haven't been able to make it work.
Have you thought of something along those lines?
Thank you.
--
Rodrigo Sasaki
--
Rodrigo Sasaki
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
5:34 a.m.
That's exactly the case, we're using the direct grant API to exchange
username/password for a token.
If there was an endpoint to do the same with tokens from social links that
would be fantastic. That would already be flexible enough for us to develop
the activities the way we want.
On Thu, Nov 27, 2014 at 5:39 AM, Stian Thorgersen <stian(a)redhat.com> wrote:
Hi,
It's something we've discussed in the past. It would work, but it's not
very elegant as a lot of the logic would be pushed onto the native app. Our
core aim with Keycloak is to make security easy for folks.
That being said are you using the direct grant api to exchange a
username/password for a token? We could probably allow using the direct
grant api and pass a token instead of a username/password.
Added AeroGear mailing list as they're working on mobile adapters for
Keycloak.
----- Original Message -----
> From: "Rodrigo Sasaki" <rodrigopsasaki(a)gmail.com>
> To: keycloak-user(a)lists.jboss.org
> Sent: Wednesday, 26 November, 2014 7:32:38 PM
> Subject: Re: [keycloak-user] Mobile Authentication API
>
> Sorry, I wasn't clear enough. The problem we're having is with social
logins
>
> When we have to login a user via social links (Google or Facebook) we
need to
> send him to a webview, because Keycloak communicates with the social
> networks via the default flows we already have implemented.
>
> But from a mobile standpoint this could be improved, because the user can
> alerady have a Google account and/or a Facebook account on his mobile
> device. So that could be used instead of making the user login again on a
> webview.
>
> The idea is to send the social information we already have on the mobile
> device to Keycloak and get a token in return (we can do this with
> username/password today).
>
> The ideal thing would be a SDK for this that would (for example) be
> instantiated with URI and client_id, and would provide a method for
login. I
> know this might not be in your roadmap for any time soon, but I'd like to
> know if you have thought about any of this.
>
> This provides a very different user experience for the user, and I think
this
> feature would be appreciated by many.
>
> Thank you all again!
>
> Rodrigo Sasaki
>
> On Wed, Nov 26, 2014 at 4:13 PM, Rodrigo Sasaki <
rodrigopsasaki(a)gmail.com >
> wrote:
>
>
>
> Hello,
>
> I was wondering if there is a plan (or maybe something already built) for
> native mobile authentication with Keycloak.
>
> Right now we need to redirect the user to a web view so he can interface
with
> Keycloak to login, and from there on he can use the app normally, but is
> there something native for this? We're trying to find ways to use the
> smartphone's native authentication systems to login the users, and so
far we
> haven't been able to make it work.
>
> Have you thought of something along those lines?
>
> Thank you.
>
> --
> Rodrigo Sasaki
>
>
>
> --
> Rodrigo Sasaki
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Rodrigo Sasaki
4016
days inactive
4017
days old
3 comments
2 participants
participants (2)
-
Rodrigo Sasaki -
Stian Thorgersen