Nikos Kalantas

Reputation: 105

Keycloak | How to add custom keycloak password policies?

I'm working on a new project that uses the Keycloak platform. I want to find a way to add custom password policies in the Authentication tab. I want to add a dictionary of blacklisted words that can't be included in a user's password.

For example, the word "testing" from the blacklist dictionary should block all passwords that contain "testing", like "123testing@123", etc.

Also, I have multiple password policy requirements that can be done with the option that Keycloak offers in the drop-down menu of password policies. I found in some forums that I have to create my own Authentication SPI, but I can't find any documentation that explains step by step (from scratch) how to achieve this.

Upvotes: 2

Views: 6703

Answers (1)

raghav

Reputation: 189

To implement an SPI you need to implement its ProviderFactory and Provider interfaces. You also need to create a service configuration file.

For password policy - you would need to implement PasswordPolicyProviderFactory.java, and the implementation will go in CustomPasswordPolicyProviderClass, which will implement the PasswordPolicyProvider.java class.

This way you should be able to register this policy in Keycloak and configure it in the realm UI. Refer to this for the contract - Service Provider Interfaces

Upvotes: 0
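
The factory and provider pair the answer describes, written out as an added example (not the answerer's or Keycloak's own code) for the substring blacklist from the question. The package, class names and provider id are hypothetical, the error key reuses the message key of Keycloak's built-in blacklist policy, and the word list is assumed to be entered as a comma-separated string in the realm policy setting.

```java
package com.example.keycloak; // hypothetical package

import java.util.Arrays;
import java.util.List;
import java.util.Locale;
import java.util.stream.Collectors;
import org.keycloak.Config;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.policy.PasswordPolicyProvider;
import org.keycloak.policy.PasswordPolicyProviderFactory;
import org.keycloak.policy.PolicyError;

// Factory: registers the policy so it appears in the realm's password policy drop-down.
public class SubstringBlacklistPolicyFactory implements PasswordPolicyProviderFactory {
    static final String ID = "substringBlacklist"; // hypothetical provider id
    public String getId() { return ID; }
    public String getDisplayName() { return "Forbidden substrings"; }
    public String getConfigType() { return PasswordPolicyProvider.STRING_CONFIG_TYPE; }
    public String getDefaultConfigValue() { return "testing"; }
    public boolean isMultiplSupported() { return false; } // spelled this way in the Keycloak interface
    public PasswordPolicyProvider create(KeycloakSession s) { return new SubstringBlacklistPolicy(s); }
    public void init(Config.Scope config) {}
    public void postInit(KeycloakSessionFactory factory) {}
    public void close() {}
}

// Provider: rejects any password that contains a configured word, ignoring case.
class SubstringBlacklistPolicy implements PasswordPolicyProvider {
    private final KeycloakSession session;
    SubstringBlacklistPolicy(KeycloakSession session) { this.session = session; }

    // Called when the realm policy is saved; value is e.g. "testing,welcome" (assumed format).
    public Object parseConfig(String value) {
        return Arrays.stream(value == null ? new String[0] : value.split(","))
            .map(w -> w.trim().toLowerCase(Locale.ROOT)).filter(w -> !w.isEmpty())
            .collect(Collectors.toList());
    }
    public PolicyError validate(String username, String password) {
        List<String> words = session.getContext().getRealm().getPasswordPolicy()
            .getPolicyConfig(SubstringBlacklistPolicyFactory.ID); // list built by parseConfig
        String candidate = password.toLowerCase(Locale.ROOT);
        boolean hit = words != null && words.stream().anyMatch(candidate::contains);
        return hit ? new PolicyError("invalidPasswordBlacklistedMessage") : null; // null = accepted
    }
    public PolicyError validate(RealmModel realm, UserModel user, String password) {
        return validate(user.getUsername(), password);
    }
    public void close() {}
}
```

Package the classes in a JAR together with a `META-INF/services/org.keycloak.policy.PasswordPolicyProviderFactory` file containing the factory's fully qualified class name; this is the service configuration file the answer mentions. With the word list set to "testing", the password "123testing@123" from the question is rejected.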
