[keycloak-user] User Search by Attribute
Stian Thorgersen
sthorger at redhat.com
Thu Dec 22 01:29:36 EST 2016
No, we don't support searching by attributes at the moment. You could use
groups for tenants instead of attributes though. That'd be a better match
for what you are doing and you can look for users belonging to a group
already.
On 22 December 2016 at 02:43, Dana Danet <Dana.Danet at evisions.com> wrote:
>
> Users ——————SP(uncommon) ———— Company SSO —— ——
>
> |
>
> |
>
> |(saml2)
>
> |
>
> |
> Users ———————————— IdP ——— ————————— Keycloak ————— (JWT) ————> service
> gateway ————> clients/resources
>
>
> > On Dec 21, 2016, at 5:37 PM, Dana Danet <Dana.Danet at Evisions.com> wrote:
> >
> > I am replacing a custom java built IdP build in Spring with Keycloak.
> Initially I was hoping to leverage Realms as a way to separate users across
> tenants, unfortunately clients cannot be registered across Realms (AFAIK?).
> >
> > Since I am replacing a user db including some minor attribution with
> Keycloak, I will need to support fetching users by tenantId. As far as I
> know this can only be done via user attributes and using client templates
> to expose those attribute to token primary level objects. My question is..
> Is there a way to leverage the Java Client API to search for realm users
> belonging to a specific tenantId?
> >
> > Ideally….
> >
> >
> > List<UserRepresentation> users = keycloak.realm("iacuc").users().search(“tenantId:<some
> uuid>", <start>, <limit>);
> >
> > or
> >
> > List<UserRepresentation> users = keycloak.realm("iacuc").users(
> ).search(“attribute:tenantId:<some uuid>", <start>, <limit>);
> >
> >
> > -dana
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list