[keycloak-user] Check to see if user exists with Admin REST API

[Stian Thorgersen]

----- Original Message -----
> From: "Benjamin Hansmann [alphaApps]" <b.hansmann at alphaapps.de>
> To: "keycloak-user" <keycloak-user at lists.jboss.org>
> Sent: Thursday, 7 May, 2015 8:51:15 PM
> Subject: [keycloak-user] Check to see if user exists with Admin REST API
> 
> I hope this is my last question to this list :-)

That sounds very sinister, please don't go ;)

> 
> I want to check if a user exists with given username/or email address
> from within an Android App while the user is typing.
> 
> Hence I want to provide a REST endpoint to let the app check. I am using
> the Admin REST API for backchannel requests to keycloak from within my
> servlet.
> 
> /admin/realms/{my-realm}/users/{username} (or the get(username)
> equivalent of admin-client) does not work for checking if the email
> address is already in use.
> 
> /admin/realms/{my-realm}/users?search={username} works for email, but
> it's greedy. I think "%" is added at beginning and end of the query
> parameters before the database request, so that search hits are quasi
> guaranteed. E.g. if someone has a registered Email Address of
> john.smith at example.com and someone tries to register with
> smith at example.com or smith at example.com.br it is shown as already in use.
> 
> Any ideas? How is this solved in the web frontend? Maybe the Admin REST
> API endpoint should support username and email as path params when those
> two can be used to login?

I wouldn't hit Keycloak with these queries, especially not if you're expecting your app to have many users. I'd write an event listener provider and use that to write usernames and emails that are in use to your application database and query that instead.

> 
> Best Regards
> Benjamin
> 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>