[keycloak-dev] Providing idpHint in JavaScript Adapter JSON configuration
Marc Ewert
marc.ewert at leverton.ai
Fri May 24 09:51:46 EDT 2019
That would also be a solution, which would allow us to tell the JavaScript Adapter the idpHint.
One benefit of the "JSON approach" compared to that would be, that there are no changes in the actual frontend clients needed. This can be achieved by just adding:
kc.idpHint = config['idp-hint'];
to the loadConfig() function in keycloak.js.
In the moment the configuration JSON contains for example the auth-server-url and the realm. At least for us the idp-hint is related to the auth-server-url, because each external party gets its own domain. For others I could imagine, that each external party gets its dedicated realm. In both cases it would be very comfortable, if we could provide the information just right in the JSON.
Otherwise the frontends has to duplicate the needed code for that decisions.
What do you think?
Best and thanks
Marc Ewert
Am 21.05.19 um 15:50 schrieb Stian Thorgersen:
I'm not too keen on adding little bits like this to keycloak.json on its own. Today we have the config split between keycloak.json and init. I'd be open to allow configuring what you can through init in Keycloak.json, but would have to be a complete pr with docs and tests.
On Tue, 21 May 2019, 14:37 Marc Ewert, <marc.ewert at leverton.ai<mailto:marc.ewert at leverton.ai>> wrote:
Hi,
we would like to create a very small PR for the JavaScript Adapter (keycloak.js). This change would allow one to provide the idpHint via the JSON configuration which could of course then be dynamically served by a backend. By this everyone could generate a JSON of the following format:
{
realm: "production",
auth-server-url: "https://customer-a.example.com/auth"<https://customer-a.example.com/auth>,
bearer-only: false,
resource: "frontend-client",
idp-hint: "customer-a",
}
The consumption of the idp-hint parameter could be done as an one-liner in keycloak.js. Would it be okay, if we create a PR with the needed change for letting that happen, or are there other as simple solutions, that we are missing?
Best
Marc Ewert
--
________________________________________________
Marc Ewert | Senior Engineering Manager
Leverton GmbH | Schöneberger Str. 15 | 10963 Berlin | Germany
P +49 30 868 711 059
E marc.ewert at leverton.ai<mailto:marc.ewert at leverton.ai><mailto:marc.ewert at leverton.ai<mailto:marc.ewert at leverton.ai>>
https://www.leverton.ai/ | LinkedIn<https://www.linkedin.com/company/leverton>
District Court Berlin-Charlottenburg HRB 140028
Managing Directors: Florian Kuhlmann, Abhinav Somani
_______________________________________________
keycloak-dev mailing list
keycloak-dev at lists.jboss.org<mailto:keycloak-dev at lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
--
________________________________________________
Marc Ewert | Senior Engineering Manager
Leverton GmbH | Schöneberger Str. 15 | 10963 Berlin | Germany
P +49 30 868 711 059
E marc.ewert at leverton.ai<mailto:marc.ewert at leverton.ai>
https://www.leverton.ai/ | LinkedIn<https://www.linkedin.com/company/leverton>
District Court Berlin-Charlottenburg HRB 140028
Managing Directors: Florian Kuhlmann, Abhinav Somani
More information about the keycloak-dev
mailing list