[keycloak-dev] Custom attributes on registration and account management

[Marek Posolda]

I wonder if we should improve handling of custom attributes in 
freemarker templates and their validation. Let's assume that I want to 
add custom attribute "birthday" and I want to add it to all screens 
where user can create/edit account. I can see those issues:

- Admin will need to edit 3 separate freemarker templates (registration, 
account management, update profile page) to have this attribute 
displayed on all those places.

- Missing validations. For registration screen, admin can implement his 
own validator through the Authentication SPI. But for account management 
and update profile it's currently no way to add custom validations. But 
for my "birthday" field, I usually want to have same custom validation 
applied on all 3 places

- Built-in validations: Similarly like we have builtin password 
policies, we can provide some builtin validators for custom fields 
(mandatory, regex)


I wonder if we should add the tab in admin console where people can specify:

- Name of custom attribute and the type. Then we have some freemarker 
helper, which will render those attributes in all 3 places 
(registration, account mgmt, updateProfile). I believe something similar 
like Bill did for custom providers in admin console ( kc-provider-config 
directive) can work here too.

- Define the validators applied to each field. Similarly like we have 
password/OTP policies, we can have "policies" for each custom attribute. 
We can provide "mandatory" and "regex" policy with possibility for 
people to add custom field validator implementations if they want.


Not sure if this was already discussed before and just not implemented. 
However I think this will be useful and currently can't think of much 
reasons why it couldn't work?

Marek