[keycloak-dev] brokered username

Stian Thorgersen stian at redhat.com
Wed Apr 1 00:29:31 EDT 2015


Works for now.

We need to improve on this soon though, it's been outstanding to long. My proposal is:

1. We set a attribute on user that username is generated
2. When username is generated username/password is not displayed in account management
3. We add an option on a identity provider to set if users can enable regular login or not, values for this feature is on/off/required
4. If this is enabled in account management there's an option to set username/password to enable regular login - only once then it converts to displaying username + password reset
5. We add a require action to set username/password - if the option in 3 is set to required after first login with identity provider the user is required to set username + password to enable account
6. We also add an option on a realm to allow users to change username



----- Original Message -----
> From: "Bill Burke" <bburke at redhat.com>
> To: keycloak-dev at lists.jboss.org
> Sent: Wednesday, 1 April, 2015 2:37:52 AM
> Subject: [keycloak-dev] brokered username
> 
> When a user gets created I am changing it so that the UserModel username
> will be:
> 
> brokerAlias + "." + username-imported-from-broker
> 
> This is so that we don't have username conflicts.  The downside is that
> if anybody relies on username, it will now have all these extra
> characters i.e. "facebook.bburke123" instead of "bburke123"
> 
> Is this an ok stopgap until we have a better solution?  I think just
> making the username null opens up a wide variety of potential problems
> as a lot of our codebase is dependent on username.
> 
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> 


More information about the keycloak-dev mailing list