[keycloak-user] Password related features for federated users

Ilya Korol llivezking at gmail.com
Mon Sep 11 22:43:37 EDT 2017


Hi. I've got some questions about enabling password-related features 
(policies, OTP ...) for users, that come from UserStorageProviders. 
Currently we integrated custom UserStorageProvider:

     - read-only

     - ability to update password via implementing CredentialUpdater

     - existing realm roles population to user during extraction from 
federated storage

I've dig into keycloak sources and find out that some policies (password 
history for example) rely on special SPI which holds persistent data for 
mentioned features. So the question is: Is it possible to somehow 
utilize this features for federated users? Is there any examples? What 
about OTP for federated users?



More information about the keycloak-user mailing list