[keycloak-dev] Help with SSO

Jorge M. jm85martins at gmail.com
Thu Apr 27 10:37:07 EDT 2017


Hi,

In the past some systems inside my company were using a custom made sso
implementation that had the ability to do silent login among them.
On of that systems was completly refactored and is using keycloak for
authentication and authorization. Since than, we lost that silent login
feature with the other systems.
We assumed that it was ok to lost this feature for a while but now we are
trying to implement the silent login again.

So..summing up:
- System "A" is using keycloak with a realm "RealmA" with multiple clients
(modules) with sso between them.
- Other systems "B", "C" with their custom authentication and authorization
- We are using a custom federation on keycloak over the same users database
that is shared among all the systems.

What's the best practise to achieve sso between all the systems?
We are thinking about a proxy that detects if the user has a session on
some of the other systems and if that is true, we programatically create a
session on keycloak for a given (Is this possible with the API?).

Thank you,
JM


More information about the keycloak-dev mailing list