Reputation: 24452
Is is posible to use a custom authentication logic in Keycloak?
I have configured Keycloak with LDAP User Federation. When a user wants to login into an application, he is redirected to the Keycloak login page, enters the uid/pwd and is authenticated using an LDAP bind.
This isn't enough for my requirements since I would like to implement some custom authentication logic, e.g:
public boolean authenticate(String uid, String pwd) {
//1.- validate against LDAP
//2.- do some other validations
return validationResult;
}
How could I include my own authentication logic into Keycloak?
Upvotes: 4
Views: 8159
Answers (2)
Reputation: 1410
You could implement an Authentication SPI and deploy it to Keycloak server, or you could implement the authentication logic inside the custom user provider package if you are implementing user federation without using the default options (this authentication flow would be available only for this particular federated user store in this case).
Upvotes: 2
Reputation: 3576
To add a new authentication mechanism, you implement the Authentication SPI. This is described in the Server Development guide > Authentication SPI section.
Upvotes: 3
Related Questions
- Keycloak - Can you add custom claims to client credentials?
- Implementation of custom authentication in keycloak
- Keycloak | How to add custom keycloak password policies?
- Multiple authentication methods for a user in Keycloak
- Custom Authentication using Keycloak
- I want to have Custom Keycloack Authentication/Authorization or Identity Provider
- Keycloak Customization to run custom java in authentication flow
- Custom provider in KeyCloak which can do the authentication based on username and password
- Custom Authenticator for OpenID Keycloak realm
- Keycloak: Authenticate user with a custom JWT