[keycloak-user] Custom authentication
Vagelis Savvas
vagelis.savvas at gmail.com
Tue Nov 13 12:07:09 EST 2018
Hello,
I'd like some advice on how to go about implementing the following
custom authentication scenario:
- A user besides the standard username and password optionally
provides one more secret in the login screen.
- The secret is associated with a realm role (one to one) by the realm
admin, and if matched the user is dynamically added to the corresponding
role.
- If the secret isn't provided the user is normally authenticated and
gets whatever roles he is assigned, like the default behavior
Of course I would like to avoid implementing an SPI for that :-) but if
it is not possible to avoid it I'd appreciate any insights and advice.
I admit I haven't carefully read the relevant SPI extension docs yet,
hoping that there is some way of doing it without an SPI extension.
Cheers,
Vagelis
More information about the keycloak-user
mailing list