Keycloak User federation using existing MySQL database for users authentication

26,124

Solution 1

Check Keycloak Custom User Federation

It means that, to use diffirent datasource (or process) while Keycloak username / password login

see =>

  1. https://github.com/keycloak/keycloak-documentation/blob/master/server_development/topics/user-storage/simple-example.adoc
  2. https://tech.smartling.com/migrate-to-keycloak-with-zero-downtime-8dcab9e7cb2c github => (https://github.com/Smartling/keycloak-user-migration-provider)

First link => explaining how to configure external db to keycloak.

Second link (need changes)=> these examplecan change like that,

  • you can create a custom federation implementation,
  • it will be call your service,
  • your service will be query your db
  • your service will response your result

Second example(my suggestion) will be abstract your custom code (federation process, your service) and keycloak. Keycloak ony call your service, everything else are your implementation.

Solution 2

You should implement your own user storage SPI to integrate your MySQL db as an external user storage db

https://www.keycloak.org/docs/latest/server_development/index.html#_user-storage-spi

Share:
26,124
Sagar Chilukuri
Author by

Sagar Chilukuri

Updated on July 09, 2022

Comments

  • Sagar Chilukuri
    Sagar Chilukuri over 1 year

    I am trying to setup Keycloak server for our organisation. I have couple of questions.

    1. How can we use our existing user database to authenticate users - User Federation. Keycloak only has LADP/Kerberos options. Is there any custom plugin which can be used for MySQL user authentication or can we use existing connectors itself (LDAP/Kerberos) via some adapter for the database?
    2. Is it possible to have multiple Identity providers within Keycloak environment - (Have Keycloak as IDP for few services, while Keycloak Google IDP for other services).

    I have followed the official documentation, but for some reason not able to view the content of the link. Any helpful links to proper guide would be great.

  • Jean-Rémy Revy
    Jean-Rémy Revy almost 4 years
    Your first link is no longer available... 1 year later obviously :)