[keycloak-user] User Federation for Admin Users
Don Reynolds (dreynold)
Don.Reynolds at quest.com
Tue Oct 23 08:38:45 EDT 2018
Hello Pulkit,
You could setup and an identity provider in the Master realm which only your admin user have access to authenticate against, and then setup a "hardcoded role" mapper for that identity provider to map all who authenticate to the "admin" role. This will grant all your admins (who can authenticate against the identity provider you configured) admin access within the keycloak admin console.
If you only want to grant these users keycloak admin access for a particular realm, set up the identity provider in the desired realm and create the "hardcoded role" mapper to map the "realm-management" Client Role of "realm-admin" to those users. See more about "Dedicated Realm Admin Consoles" at: https://www.keycloak.org/docs/latest/server_admin/index.html#_per_realm_admin_permissions
Regards,
Don Reynolds
> -----Original Message-----
> From: keycloak-user-bounces at lists.jboss.org <keycloak-user-
> bounces at lists.jboss.org> On Behalf Of Pulkit Srivastava
> Sent: Tuesday, October 23, 2018 6:52 AM
> To: keycloak-user <keycloak-user at lists.jboss.org>; keycloak-user-
> request at lists.jboss.org
> Subject: [keycloak-user] User Federation for Admin Users
>
> Hi,
> Is it possible to use an external user federation for admin users in keycloak.
> These users should be able to login to keycloak admin.
>
> Thanks,
> Pulkit
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list