[keycloak-user] Authentication via Facebook Token

Marek Posolda mposolda at redhat.com
Thu Aug 4 06:32:13 EDT 2016


On 03/08/16 20:34, Luigi De Masi wrote:
>
> Hi,
>
> I have to create a rest layer to allow a mobile application to 
> interact with KC because mobile developers don't want to use any kind 
> of redirect or webview, only rest calls for login/registration.
>
> For a username/password  authentication/registration  is easy, I can 
> use admin rest api, but for social login (only via facebook), there is 
> a way to get a keycloak JWT token passing a facebook token using admin 
> api or any other rest api?
>
You can use Direct Access Grants (aka. "Resource Owner Password 
Credential Grant" from OAuth2 specification).  We also have possibility 
to configure your own authentication flow for Direct Grant. Here you can 
put your Authenticator, which will read facebook accessToken and 
authenticate (and possibly also lazily create if you trust facebook? ) 
user based on that.

Marek
>
> If not,  it's better to plug  an authentication provider using 
> Authentication SPI or create a custom rest endpoint and generate 
> (don't know how) a JWT?
>
> Thanks.
>
> -- 
> Luigi De Masi
> /"Talk is cheap. Show me the code."/
> /                       -- Linus Torvalds/
>
>
> ------------------------------------------------------------------------
> 	
> Extra srl
> p: 	+39 0587975800
> a: 	Via Salvo D'Acquisto 40/P - 56025 - Pontedera - Italy 
> <https://goo.gl/maps/ngs7hecn9By>
> w: 	www.extrasrl.it <http://www.extrasrl.it/> e: info at extrasys.it 
> <mailto:info at extrasys.it>
> <https://www.facebook.com/Extra-149813195076455/?fref=ts> 
> <https://twitter.com/extrasrl> 
> <https://www.linkedin.com/company/extra-srl> 
> <https://flipboard.com/@extrasrl/soluzioni-per-il-business-0rk6urr6y> 
> <https://www.youtube.com/channel/UCZa_aTznqeh5zoIPKPk1dNg>
>
> Le informazioni trasmesse sono riservate alla persona o ente alla 
> quali sono indirizzate e possono contenere informazioni riservate e/o 
> materiale di valore. Qualsiasi revisione, ritrasmissione, diffusione o 
> altro uso, o l'adozione di azioni basate su tali informazioni da parte 
> di soggetti diversi dal destinatario è proibita. Se avete ricevuto per 
> errore questo messaggio, siete pregati di informare il mittente e 
> cancellare il materiale contenuto da ogni computer.
>
> The information transmitted is intended for the person or entity to 
> which it is addressed and may contain confidential and/or privileged 
> material. Any review, retransmission, dissemination or other use of, 
> or taking of any action in reliance upon, this information by persons 
> or entities other than the intended recipient is prohibited. If you 
> received this in error, please contact the sender and delete the 
> material from any computer.
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160804/56653349/attachment.html 


More information about the keycloak-user mailing list