[keycloak-dev] configuring social providers
Bolesław Dawidowicz
bdawidow at redhat.com
Mon Jul 22 09:52:30 EDT 2013
On 07/22/2013 03:44 PM, Bill Burke wrote:
>
>
> On 7/22/2013 9:39 AM, Marko Strukelj wrote:
>>
>>
>> ----- Original Message -----
>>> On 07/22/2013 03:24 PM, Bolesław Dawidowicz wrote:
>>>> On 07/22/2013 03:13 PM, Marko Strukelj wrote:
>>>>> When using Google+ SignIn or Facebook SignIn or Twitter SignIn I
>>>>> always get redirected to an authorization form where now there would
>>>>> say something like:
>>>>>
>>>>> Application _Keycloak_ wants access to your email, and a list of
>>>>> friends.
>>>>>
>>>>> Instead of saying:
>>>>>
>>>>> Application _SocialDemo_ wants access to your email ...
>>>>>
>>>>>
>>>>> Me as a user I don't know anything about Keycloak. I came to the web
>>>>> site of SocialDemo. When I see that Keycloak wants access to my
>>>>> email, phishing alarms go off in my head ...
>>>>
>>>> Exactly...
>>>
>>> Also IIRC you define the level of access to user information per
>>> application - and requirements may vary. Would it be possible with
>>> global account?
>>>
>> You mean that by granting access to my list of friends when signing in via SocialDemo, I would be granting the same access to acme.com and all the apps using Keycloak? :)
>> I'd say that's the case, yes.
>>
>
> You win.
>
> You're right I'm wrong
> You're the best, I'm the worst
> You're good looking, I'm not very attractive...
>
But we still love you!
More information about the keycloak-dev
mailing list