[keycloak-dev] Social login rest api
Thomas Darimont
thomas.darimont at googlemail.com
Mon Jul 1 06:33:44 EDT 2019
If I understood you correctly, then you want to skip the Keycloak login
page and take the user directly to the login page
of another configured identity provider.
If you configured an external Identity Provider in Keycloak, e.g. github
with the alias "github"
then you could pass it via the "kc_idp_hint" parameter to the login URL.
This will instruct Keycloak to skip the Keycloak login page and take the
user straight to the github login.
E.g.:
http://sso.tdlabs.local:8899/u/auth/realms/acme/protocol/openid-connect/auth?response_type=code&client_id=app-frontend-springboot&redirect_uri=http%3A%2F%2Fapps.tdlabs.local%3A20001%2Fsso%2Flogin&state=3212b447-1ce5-4562-923d-482d58a3ad11&login=true&scope=openid&kc_idp_hint=github
See:
https://www.keycloak.org/docs/latest/securing_apps/index.html#_params_forwarding
Cheers,
Thomas
On Sat, 29 Jun 2019 at 10:53, Justin Gross <jgross.biz at gmail.com> wrote:
> Apologies, I just re-read your email.
>
> I don't believe there is a built-in API to retrieve some special link that
> completely bypasses Keycloak during authentication but even if there was
> you would have to redirect to Keycloak at some point to complete the login.
>
> That being said you might be able to implement a new authorization flow
> which provides this functionality and then add a custom resource with an
> API (as a Keycloak module) which can generate your link which initiates the
> custom auth flow.
>
> Maybe you don't need a login flow and can instead just make the Keycloak
> resource/module. I'd look at how the login page generates the login buttons
> it provides (and payload it uses) and then create the API you want which
> does the same thing but without a UI as Keycloak module.
>
> Just food for thought.
>
> Sorry for replying in haste previously.
>
> Thank you,
> Justin Grosz
>
> On Sat, Jun 29, 2019, 3:50 AM Yor Men <yormen1 at gmail.com> wrote:
>
> > Hi,
> >
> > Does keycloak provide an api that can generate a link for you to click on
> > and redirect you to let say github and login.
> >
> > Let me sight an example, we have an application that is secured with
> > keycloak, we want to allow users to be able to login to the app using
> > github, facebook and google without having to go to the keycloak page in
> > any way.
> >
> > What we want to do is, when the login page is called, the controller
> > generates the URI and is bound to the model. This model value is placed
> in
> > a particular social login button.
> >
> > Any other suggestion is welcome.
> >
> > Thank you.
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
More information about the keycloak-dev
mailing list