[keycloak-user] Single login page for all realms
Pedro Pedro
sinsn_619 at abv.bg
Thu Mar 29 11:23:35 EDT 2018
Hi,
I'm working on a multi tenant project where usernames are actually their email addresses and the domain of the email serves as a tenant identifier. Example: user at myTenant.com
Now in keycloak I'll have different realms per tenant, but I want to have a single login page for all tenants and the actual realm that will do the authentication to be somehow resolved by the tenant in the username.
Is there such behaviour available in keycloak? I tested with v3.4.3 and did not found, neither in the docs mention any info.
If this is not currently supported, what is the best approach for implementing it?
This the idea I comeup with:
To extend keycloak login/authentication to be in two steps: 1 user first enters username and clicks continue button 2 the custom logic in keycloak to extract the tenant(realm) from the username and initiate login request, now that I have the realm 3 realm login page is loaded with username populated (if I pass login_hint=username, the field should be populated) 4 user enters password and clicks login button
What you guys think of this approach?
I found a thread on the mailing list (that I cant find now...) that discussed the same problem. It was something along the lines of - create a main realm that will "proxy" to the others, but I'm not quite sure how to do that.
Hope to get some insight soon.
Pedro.
More information about the keycloak-user
mailing list