Awesome! Extremely helpful ! Thanks, Niko Köbler!

Awesome video! helpfull !... please provide a video for the custom ISP in Keycloak

Hello Niko, Thank you for these helpful examples. Trying out the PeanutsUserProvider tests I got an error in the test testLoginAsUserAndCheckAccessToken. The access token payload does not contain the requested attributes, if I switch to the id token however, the test succeeds. Am I missing something? Thank you in advance. Mrs. Wilke Jansoone

Thanks for this awesome tutorial! Is that possible to store default users in my own database but let Keycloak manage credentials (password, etc) ?

Hi Niko, thanks for the explanation of your example provider. I'm just finishing to implement a redis provider. My use case only requires user to be imported to KC local storage but could easily be extended to other use cases.

Great, thank you for these awesome keycloak tutorial! Can we have a tutorial on how to implement mandatory fields in keycloak registration or in idp-login update profile?

Thank you, I really appreciate your efforts

Is there any example for implementation of UserBulkUpdateProvider, ImportedUserValidation and ImportSynchronization?

Great, it's helpful. many thanks 😊🙏

Thanks for the video. It was very helpful. Did you plan to make a video based on the new api Map Storage API that replace the deprecated User Storage SPI in the latest keycloak version ?

Awesome video. I've seen many of your videos, and you are up there among the best regarding Keycloak. In doing a User Storage Provider similar to this here, I've noticed that every time keycloak loads a "federated user" data (for example an via Api), that same user data is loaded many times, which translates into many equal requests hitting the server containing the "federated users". In case this a known phenomenon could you please point me towards relevant documentation where I can learn more about avoiding this? Keep up the awesome work, and just so that you know, your material helped me a lot in implementing custom 2FA checks, and custom authentication flows.

Thank you very much for this video. I have a keycloak realm which only accepts x509 authentication. Is there any way to implement a x509 custom user provider? I need to get the userdata from a remote web service which accept only signed (with the user certificate) requests

Hi Niko, thanks for your explanation. is it possible to create custom provider for groups search, in order to make the search case-insensitive?

Hi. Extremely useful example. Thanks. Do you know if it is possible to map client roles as well as realm roles. If I return them both from getRoleMappingsInternal they all get added as realm roles (even if I set isClientRole to true in the RoleModel)and getClientRoleMappings doesn't seem to get called.

Thank you very much for this video and popularization of providers for keycloak. You are my teacher :). Your Flintstone example helped me a lot to start implementing my first provider, but I had to go further with it. Namely, to implement role management, adding roles to the realm from storage, assigning, deleting mappings. The only thing that is not solved for me is the interception of the role creation event in the realm in order to instantly synchronize it with the jdbc repository. Thanks for your experience

Thank you for this tutorial, just I want to know which is the best embedded keycloak or standalone keycloak for this solution and how I have to make my choice.

Just started the learning path regarding this thread and would be very grateful for a hint on how to install the custom user federation. I know that the JAR package should be in the providers folder, but how to create this JAR file? I tried to use the default command in cmd, but it didn't work for me( Get nothing after "kc.bat build" command(

This channel is so great!

Thanks, good video. Do you know how to distinguish credential types ? In this video used PasswordCredentialType, how to realize PincodeCredentialType, FingerPrintCredentialType, and send request for authorization via Authzclient ?

Is it possible to create some kind of User Attribute Provider attributes from which we can map to LDAP/AD users ?

Are attributes only of type String? Or can it be any object? Imagine the scenario where the peanut user contains also objects (like a list of products, a "one-to-many" relationship to products). Can the user SPI handle this use-case? Vielen Dank!

Hi Niko, thanks for the explanation, my question now is how we can combine it with 2FA.

Awesome Niko!!!

Can you implement the User Storage Provider without handling credentials? Can I leave that to Keycloak to deal with and I just store the User's ID, username, email... ?

How can SwaggerUI can be attack to SPI implementation, or this is possible?

Very good tutorial video! Your different tutorials about keycloak helped me to understand how to use this tool. Regarding the user storage provider, I downloaded your jar file and imported it in keycloak by providing the link to a replication of your apis in mockoon but the connection fails. Please could you tell me what this is due to. Thanks

Hello Niko Köbler. How I can use Keycloak reset password and forget password feature in my react admin panel?

hey niko, is there any chance you could do a video on how to customize the keycloak v2 theme?

Do you think its possible to add a button to test the connection just like the ldap privider?

Hi Niko Kobler, can we use MongoDB as User Federation in Keycloak. Does User Storage SPI can be used for this purpose?

Hi, can two clients in the same realm communicate with each other on keycloak ? if yes, how ? if no, why ?

Hi thanks just a couple of questions. If the peanuts service returned a jwt token that is used for future requests how does that get passed back to a client by keycloak ? Also am I correct in reading that a new mapping api has replace this now ? Do you still. Recommend using this api. Thanks againr

Hi, Thanks for sharing this wonderful article. I have tested it in my local environment and it is working perfectly. Is it possible to add the additional information which is returned from the backend REST API to the generated token. And also let me know if it is possible to add custom response in case of authentication failure. Thanks...

but i didnt find peanuts-user-provider in my choices when I lunched the server

Thank you so much

Hello Niko, is there option for remove Default configuration options for Unlink/Remove users from Local storage?

Hello Niko, i already realized a UserStorageProvider that access an external legacy Oracle Database for users with keycloak 16.1.1 but now with keycloak 17.0.0 I don't know how to tell my custom provider how to configure the additional datasource. Before the datasource was configured inside wildly but now? Please help me! I don't find anything in the documentation or forums that give me advices...Thank you in advance

Thanks man, You saved my day

Amazing video, very helpful!!! Do you know if possible match a client to a specific user federation?

Thanks for awesome tutorial and good explanation 👍 Is it possible if I use stand-alone Keyclock(on Docker) and then implement Custom User Storage Provider via spring-boot?

thank you!

Thanks for the video, but I get a strange bug on version 19.0.1: I compile your example, but I don't see provider settings except "Console display name", "Cache policy".

Is it expected the users to have FederationLink?

Hi, In my organization they have a requirement to have swagger functionality support for Keycloak. So for this, they want me to get the clone of it and make the changes to the source code. So, I want to ask is it required to get the clone and make the changes in the source code and build it? Will appreciate your early response Thanks.

Hello Sir, thank you for the knowledge you provide for free. I'm new to Keycloak and i wanted to ask, if there is any way to deploy JAR-files, which contain javascript policies, into a Keycloak instance that is running from a docker container. I know that on my local machine, i can simply create a Jar that contains a keycloak-scripts.json file and the JavaScript policies, each policy being a single .js-file and then upload the jar pretty easily through the command line. However, I don't know how i could deploy them on a containerized instance.

I would like to extend Role mapping to add attributes like validTo, can you do a video about that, or can someone help me to find resources how to do that? Thx

thanks for the video, but how we can build and include the extension as jar file in keycloak docker container

Hello Niko. Thank you for awesome video. I am currently playing around with Custom User Storage Provider. I have a Users microservice that I want to use as actual user storage provider, but I am having a difficulty to implement endpoints in that microservice for the SPI to make RestEasy requests to get required data and information. Could you please make additional video on this theme and show what will happen in the service itself that these Resteasy Requests are going to?

Thank you I hope to make a video about User Storage SPI using database directly

Thanks a loo, Niko, im having an issue trying to use an oracle external db as datasource on keycloak, but the oracle module is not loading, im using the lasted driver for oracle ojdb but i also tryed the previous one 11 and 8, im using oracle 19c and for keycloak version the 15.0.2, but i cant migrate it, this is the issue im having, failure description: "WFLYJCA0041: Failed to load module for driver [com.oracle]", hope someone in the comunity can help me, i know is not the correct place to ask.

Hello Nico, how can I customize only the user authentication, validate that the username and password in an external web service, authenticate it even if it is not registered in keycloak

Nice video. Can you please also add an example covering how can we add custom JPA entity provider in Keycloak Quarkus?

Hello, where to deploy this? What directory should it be stored? I mean for the built jar file

great stuff

Hi Is there way to pass additional info to custom user storage provider ? I want to acess company id when creating new user...

Thank you Niko for this amazing videos. I have a request if you don't mind. Can you talk about authorization services and add some example of it? It has been a bit difficult to understand and I think with an example and a use case it would be great. Thanks again!

Hi, thank you for these awesome keycloak tutoria. Can u share your class diagram.

Hi, Can you make a video about Key Cloak and API Six ?

Hi Niko, Great Content Indeed. But can you showcase the same using Spring Boot

Hello There. User Storage Provider has been deprecated. Do you have any work around for this?

can it work on sql server database if I provided the jdbc url, username and password instead of the api?

superb video. I have one question? Is there any way to update User Personal Info like firstname lastname email etc ? keycloak 17 @Niko