Reputation: 79
Adding headers to request/response of keycloak token endpoint
Can we add custom headers to the token endpoint?
`curl --location --request POST 'https://localhost:8081/auth/realms/global/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=login' \
--data-urlencode '[email protected]' \
--data-urlencode 'password=balbabsfeds@123' `
We are using userfederation with custom logic to determine whether the credentials are authentic. We’ve implemented the authentication spi shown below. implements UserStorageProvider, UserLookupProvider, CredentialInputValidator, CredentialInputUpdater, UserRegistrationProvider
Upvotes: 0
Views: 2278
Answers (1)
Reputation: 1
You can extend Authenticator interface and read the custom header with
@Override public void authenticate(AuthenticationFlowContext context) {
List<String> customHeader = context.getSession().getContext().getRequestHeaders().getRequestHeader(customheader);
//perform action for accept and deny
}
place the custom jar under standalone folder (<=17 version) / place under /keycloak/providers/ directory above 18 version
Upvotes: 0
Related Questions
- how to get the roles in access token: keycloak
- Keycloak PUT-request returns 401 (unauthorized)
- KeyCloak /userinfo not returning user info, returns what appears to be a token
- Unable to validate the token from Keycloak
- Keycloak token generation not working- Unauthorized credentials
- Request header field x-xsrf-token is not allowed by Access-Control-Allow-Headers in preflight response
- Create Keycloak client via REST API