How to add or access a keycloak user in client application project without the first login?

[rakesh kotian]

My Use case is as follows:

My Client application for Keycloak is Harbor(we can assume any other application as well here) which I have integrated with Keycloak for Single Sign On. The Keycloak users are able to login to Harbor .

Let's say User1 is a Keycloak User who has logged in once or more than once into Harbor app, so he gets listed in the Harbor user listing page, Now the Harbor admin is able to add this user to a project in Harbor. No issues here.

Now let's say we have User2 in Keycloak, who has never logged into the application Harbor. Problem here is the Harbor admin is not able to add this User2 into any project in Harbor, Im looking for a solution to solve this challenge, i.e, When Harbor Admin is trying to grant access to particular project , he should be able to do it for any Keycloak user even though he ha not logged in to application at-least once.

[Tony Harris]

We looked at two possible options for a similar situation.  Some middleware that used Keycloak API's to extract users from the Keycloak realm and update/insert into the application that required them via its API's or a custom event listener in Keycloak to push new users/user updates into the other application via its API's.

Personally we went with the custom event listener.

Tony

--
You received this message because you are subscribed to the Google Groups "Keycloak User" group.
To unsubscribe from this group and stop receiving emails from it, send an email to keycloak-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/keycloak-user/a7e73976-70f1-412d-98c6-c330e20ac0e4n%40googlegroups.com.

[rakesh kotian]

Thanks Tony.

Out of the events that are available in keycloak https://www.keycloak.org/docs-api/17.0/javadocs/org/keycloak/events/EventType.html , here I could not find something like user create, But I see REGISTER event. Will that be appropriate for this usecase?