Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/ohioit/keycloak-link-idp-with-user

Simple Keycloak authentication provider that links users logged in through an IdP with their Keycloak or Federated user automatically, without prompting.
https://github.com/ohioit/keycloak-link-idp-with-user

Last synced: about 1 month ago
JSON representation

Simple Keycloak authentication provider that links users logged in through an IdP with their Keycloak or Federated user automatically, without prompting.

Host: GitHub
URL: https://github.com/ohioit/keycloak-link-idp-with-user
Owner: ohioit
License: apache-2.0
Created: 2016-03-11T14:55:08.000Z (over 8 years ago)
Default Branch: master
Last Pushed: 2018-09-20T14:27:12.000Z (almost 6 years ago)
Last Synced: 2024-03-27T11:24:36.306Z (3 months ago)
Language: Java
Size: 57.6 KB
Stars: 25
Watchers: 4
Forks: 5
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: License.txt

Lists

awesome-keycloak - Keycloak: Link IdP Login with User Provider

README

![Project unmaintained](https://img.shields.io/badge/project-unmaintained-red.svg)

**NOTE: This is no longer required as it's included in KeyCloak by default as of 4.5.0. See here: https://issues.jboss.org/browse/KEYCLOAK-7270?_sscc=t. While 4.5.0 isn't out yet, the docs can be seen in this PR: https://github.com/keycloak/keycloak-documentation/pull/435.**

# Keycloak: Link IdP Login with User Provider

When using an external identity provider, [Keycloak](https://keycloak.jboss.org)
will, by default, ask the user if they would like to link their IdP login
with an existing account, if one exists. When the external identity provider
is an enterprise SSO solution linked to an enterprise user directory with
which Keycloak is federated, these additional prompts are undesirable and
confusing to users. This small authentication provider can be dropped into a
flow to automatically link an IdP login with an existing user, federated or
otherwise, without prompting the user.

## Usage
1. Download a release jar or build with maven: `mvn package`.
2. Drop the jar into one of the directories defined in the `providers`
element of `standalone/configuration/keycloak-server.json`.
3. Create or modify an Authentication flow to include the new `Link IDP Login`
provider in the appropriate place.
4. Modify an Identity Provider to use the above flow.

## Example

Typically, you'll want a simple flow that starts with `Create User if Unique`
and continues to `Link IDP Login`, both of which should be alternative.

![Link IdP Login Example](doc/link-idp-login-example.png)

## License

* [Apache License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0)