[keycloak-user] Remove username/password fields from login

Bill Burke bburke at redhat.com
Wed Mar 2 16:35:52 EST 2016

To be "clean", create a new, flow, authenticator and form.  But the 
simplest thing to do is to just create a new theme, copy the login.ftl 
and modify it to remove the html form (username/password fields).  I 
know some people have created their own username page where a user 
enters in an email and based on the domain are routed to a specific IDP.

On 3/2/2016 3:42 PM, Simon Gordon wrote:
> Hi there
> (Thanks for the fast help on the Openshift Catridge btw)
> In our scenarios, there is no intention for users to have a username and
> password within KeyCloak - hence just use identities from Identity
> Providers.
> Within the 'Authentication' settings, choose 'Browser' as flow type, I can
> see 'Username Password form', but it is always 'Required'.
> I can see that some kind of login form is needed (we will not have a
> default) so users choose IdP, but really don't want the username/password
> fields. Do I resort to just removing them from the login template?
> I ask because the setting is a bit odd to have if it is always 'Required',
> so I'm concerned that I'm missing a general issue which pushes me towards
> giving all of our users passwords for KC. Which I'm keen to avoid.
> Maybe the console setting could do with a rename?
> Regards,
>      Simon
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

Bill Burke
JBoss, a division of Red Hat

More information about the keycloak-user mailing list