3

I'm new to Keycloak, and trying to customize login-phase to add dynamic parameters as user-session-notes.

In the legacy system, users login with username, password and additional parameter - lets call it dynamic-parameter. This dynamic-parameter can be different in each user-login, and depends on the user. It is being used for security-checks when user sends request to a service.

When moving to Keycloak, I tried to find a way to add dynamic-parameter in login-phase, so when sending request to a service with a token, the service can retrieve that dynamic-parameter and perform the security-checks. I didn't manage to find a way to do it nicely with Keycloak current capabilities.

Is there any Execution Flow that can be added along UsernamePasswordForm that can achieve this?

The closest things I found about this are threads that suggest self-development of Authenticator:

Tamir M
  • 87
  • 2
  • 7

1 Answers1

1

At last I created custom authenticator that puts the dynamic parameters as user-session-notes - by implementing Authenticator and AuthenticatorFactory. Following How to create custom authenticator.

Tamir M
  • 87
  • 2
  • 7
  • 4
    Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Nov 02 '21 at 08:38