[keycloak-dev] Fwd: Remove address from registration and account management by default
Lennart Jörelid
lennart.jorelid at gmail.com
Thu Aug 13 14:18:37 EDT 2015
[Forwarding to the list; not meant as a personal reply.]
Hello there,
This is exacly what I am struggling with at the moment. I have found a
number of things which would need clarification in documentation as well as
in examples:
1. *Custom user data properties/fields*. It seems that one has to/ought
to add custom properties to three places in the theme files: account, admin
and registration. However, the ways to add them differ greatly, as each FTL
template structure is quite different. (Account uses account.ftl; Admin
uses partials/user-attribute-entry.ftl). Pattern definitions and
explanations are missing from examples and documentation, as far as I can
tell.
2. *Editable properties per role*. Realm admins/editors could perhaps be
able to edit all properties (except primary key/ID value) for all the users
in a realm - but we would typically like to restrict which properties (both
basic and custom attributes) are editable depending on the roles/privileges
a user has in the realm. (For example, it would likely be a bad ide to
permit users to change their names and birthday arbitrarily after
registration). How do we restrict editability of normaly and custom user
properteis - both in terms of the data and the forms required to interact
with keycloak? Pattern definitions and explanations are missing from
examples and documentation, as far as I can tell.
3. *Linking users to roles/privileges in other realms.* How should one
construct realms to grant roles & privileges automatically to users in
other realms? (For example: All Users in Literary Society A can register
for a party hosted by Literary Society B. Hence, how does realm admin B
grant role KnownGuest to all users in realm A, to permit them to access
Society B's register-to-the-event-page? Assume, of course, that both A and
B are managed by the same Keycloak DB, so basic identity attributes should
be extracted normally from Keycloak. Neither realm admins from A or B have
master realm access.) Pattern definitions and explanations are missing from
examples and documentation, as far as I can tell.
2015-08-13 15:49 GMT+02:00 Stian Thorgersen <stian at redhat.com>:
> As highlighted by the UXP team the registration screen is not very nice. I
> propose we remove the address fields from the registration and account
> management. Instead we should have an example theme that shows adding
> additional fields to the screens.
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
--
--
+==============================+
| Bästa hälsningar,
| [sw. "Best regards"]
|
| Lennart Jörelid
| EAI Architect & Integrator
|
| jGuru Europe AB
| Mölnlycke - Kista
|
| Email: lj at jguru.se
| URL: www.jguru.se
| Phone
| (skype): jgurueurope
| (intl): +46 708 507 603
| (domestic): 0708 - 507 603
+==============================+
--
--
+==============================+
| Bästa hälsningar,
| [sw. "Best regards"]
|
| Lennart Jörelid
| EAI Architect & Integrator
|
| jGuru Europe AB
| Mölnlycke - Kista
|
| Email: lj at jguru.se
| URL: www.jguru.se
| Phone
| (skype): jgurueurope
| (intl): +46 708 507 603
| (domestic): 0708 - 507 603
+==============================+
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150813/639f2a2b/attachment.html
More information about the keycloak-dev
mailing list