Keycloak Based
This handler (com.rierino.handler.auth.keycloak.KeycloakEventHandler) provides a Keycloak based implementation of AuthEventHandler.
Last updated
This handler (com.rierino.handler.auth.keycloak.KeycloakEventHandler) provides a Keycloak based implementation of AuthEventHandler.
Last updated
Keycloak provides capabilities such as social login, user federation and support for OpenID Connect, OAuth 2.0, and SAML. This handler is only available in Rierino Core+ version.
This handler uses the following extra configurations, actions and parameters:
system
Name of Keycloak system for access details
admin_keycloak
-
This handler requires the following dependency added to deployment contents:
This handler supports using additional credential types provided as "credential_type" in request in addition to "password" option.
This handler supports using additional credential types provided as "grant_type" in request in addition to "password" options.
Allows updating password for a user represented by the "access_token" using "password" field.
inputElement
Json path for the input in event payload
auth
-
Triggers an action e-mail through Keycloak system for a specific action type (e.g. VALIDATE_EMAIL, FORGOT_EMAIL) for a given "username".
inputElement
Json path for the input in event payload
auth
-
With event metadata parameters as:
action
Action to execute
FORGOT_EMAIL
-
Resets the password for a user to a given "password", using "action_token" for user verification:
inputElement
Json path for the input in event payload
auth
-
Verifies a user e-mail (if required in realm) using "action_token" for user verification:
inputElement
Json path for the input in event payload
auth
-
Keycloak stores firstname, lastname, email as user profile data. User attributes are also stored as profile data, except for attributes starting with # character. Attributes starting with # are stored as access data, hence considered as data not managed by the users themselves (e.g. assigned user groups).