[keycloak-user] Keycloak Facebook Social Login

Summers Pittman supittma at redhat.com
Tue Nov 28 07:47:42 EST 2017 

So this is my best guess of where I would start developing this.

This is a bit complicated (and also my best guess), and I am basing my
answer a bit on : https://github.com/wpic/sample-keycloak-getting-token and
http://keycloak-user.88327.x6.nabble.com/keycloak-user-Brokering-with-OIDC-and-Direct-Access-Grant-td2435.html

There are four components of this system : the User, Keycloak, Facebook,
and your Application (aka Broker).  The Client requests the login page on
your Broker, is redirected to Facebook, and returns to your Broker with
Facebook's authentication payload.  The Broker can verify this payload.  At
this point you either have a new user or an existing user.

For new users  use the KeyCloak Admin API to generate a new initial access
token and pre-populate your registration form. The User will receive this
form and register for your application.  The Broker can exchange the
registration form for a proper access token and life can go on like normal.

If you have an existing user, you will need to use an External to Internal
token exchange.  This is documented here :
http://www.keycloak.org/docs/latest/securing_apps/index.html#external-token-to-internal-token-exchange.
There are limits to the token exchange, but I think that facebook returns a
compatible access_token.  I would suggest reviewing
https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow#token.
I
am looking forward to hearing if this works for you or not.

As I said in the opening, if I had your use case this is how I would try to
implement it.  I have not tested this myself.

On Mon, Nov 20, 2017 at 9:53 PM, Madhan Kumar S P <madhan.klazzez at gmail.com>
wrote:

> Hello All,
>         I am trying to integrate the Keycloak with Facebook social plugin.
> I had gone through the examples and documentation. This works fine if I use
> the Keycloak hosted Login Page.
>
>         What I need is that we want to host our own login page and use the
> Keycloak APIs to register the user and login.
>
>         I mean, I want to host our Sign Up/Login Page. When the user
> clicks on the Login with Facebook, we want to redirect the user to FB and
> get the approval and collect the details, create the user details that we
> need for our application. Then register the user on the Keycloak.
>
>         I don’t see any documentation for this. I would be really grateful
> if you can shed some light on this and point to the documentation that
> would help me in achieving this.
>
> Thanks & Regards,
> Madhan Kumar S P
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list