Seeking example of Authenticator SPI

826 views
Skip to first unread message

Jason Terry

unread,
Aug 10, 2022, 5:44:09 PM8/10/22
to keyclo...@googlegroups.com, keyclo...@googlegroups.com
Greetings,

I am trying to understand how to create an SPI and the documentation and resources have not done a great job outlining exactly how this works.

My use-case is that we have a client that doesn't handle SSO, and so they will send us a signed-url with some params that contain the info for their user (including their user member-id) that we then want to create a linked keycloak user for so that we can then auth them with that going forward.

If anyone has information on this please assist.
--
Jason Terry
Senior Software Engineer
Figg | 1234 Elmberry Lane, Detroit, MI 55555
614.203.6637 | jte...@gofigg.com | LinkedIn

Fesenmeyer Daniel (IOB/PAU2)

unread,
Aug 11, 2022, 3:20:51 AM8/11/22
to Jason Terry, keyclo...@googlegroups.com, keyclo...@googlegroups.com

Hi Jason,

 

I don’t know about any official Keycloak authenticator examples.

I have only found this one here, which seems to be a bit outdated: https://github.com/keycloak/keycloak-quickstarts/tree/latest/action-token-authenticator

 

Probably the best way to implement an authenticator is to get inspired by Keycloak-builtin authenticator implementations, which are all implementing the interface org.keycloak.authentication.Authenticator: https://github.com/keycloak/keycloak/blob/main/server-spi-private/src/main/java/org/keycloak/authentication/Authenticator.java.

 

You can also find some community-built authenticators mentioned on the Keycloak extensions page: https://www.keycloak.org/extensions.html

 

Or, the “MagicLink” authenticator implemented by Niko Köbler: https://github.com/dasniko/keycloak-extensions-demo/tree/main/magiclink

 

Mit freundlichen Grüßen / Best regards

Daniel Fesenmeyer

Bosch IoT Permissions - Product Area User Management (IOB/PAU2)
Bosch.IO GmbH | Ziegelei 7 | 88090 Immenstaad | GERMANY | www.bosch.io
Tel. +49 7545 202-360 | Telefax +49 7545 202-301 | Daniel.F...@bosch.io

Sitz: Berlin, Registergericht: Amtsgericht Charlottenburg; HRB 148411 B
Aufsichtsratsvorsitzender: Stefan Koss; Geschäftsführung: Dr. Andreas Nauerz, Yvonne Reckling

--

Das Bild wurde vom Absender entfernt.

--
You received this message because you are subscribed to the Google Groups "Keycloak Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to keycloak-dev...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/keycloak-dev/CAMgkmf9RTbYjtpg3nHfmD19W6oPp2OYFQxtz40S4SzspS9vc%2BQ%40mail.gmail.com.

Reply all
Reply to author
Forward
0 new messages