Reputation: 1203
Keycloak user management
I'm developing a microservice (restful) project that uses kaycloak as IAM. I could create realm, client, users,... for authenticating but my concern is should I manage users only on keycloak or creating my own user table in my microservice?
Upvotes: 2
Views: 817
Answers (1)
Reputation: 51443
is should I manage users only on keycloak or creating my own user table in my micro-service?
First you need to check what can one do (or not) with Keycloak regarding user management and compared with your current (and possible future) requirements. If it does not completely fulfill your requirements then you can either extend Keycloak, adapt your requirements, or (probably the most straightforward solution) have your own user table in your micro-service.
You might want also to create your own user table for performance reasons. Depending on how slow it is to access Keycloak in your setup you might consider using that user table as caching mechanism for quick access of user-related information.
The problem of having that user table is that depending on the user information stored on Keycloak and on the user table you might have to keep them in sync. Moreover, if that information exists on the user table and not on Keycloak, and you need that information on the tokens, you will have to think about how will you handle such situations.
Personally, I would try to avoid creating the user table unless it is really necessary. So a complete answer to your question will most-like be highly dependent of your own needs.
Upvotes: 3
Related Questions
- How to enable/disable user in Keycloak Admin Client
- Keycloak impersonation only for certain users
- Keycloak user session persistence
- Custom username in Keycloak
- Setting up Keycloak for authentication
- Authorization on Keycloak
- Keycloak authorization
- Keycloak policies for user management not working
- Keycloak: Temporary and permanent lockout of user
- Keycloak secure user registration