Additional redirect after login

djordje · March 3, 2025, 11:40am

Hi guys, I have a question:

Is it possible to redirect user to some additional page after login for some time and then continue with a flow?

So the requirements is to enter username/password on Keycloak login page, and if credentials are good, not redirect it immediate to redirect urls, but first redirect it to some new page where some info will be shown, and on press OK the flow should continue.

My idea is to add additional custom step in browser flow after all current steps, but that step should have UI (to have that page with info and OK button).
Any idea other idea or point of view?


public class CustomCheck implements Authenticator, AuthenticatorFactory {

  public static final String PROVIDER_ID = "custom-checker";

  @Override
  public void authenticate(AuthenticationFlowContext context) {
    UserModel user = context.getAuthenticationSession().getAuthenticatedUser();
    RealmModel realm = context.getRealm();
    String realmName = realm.getName();

    // PERFORM LOGIC .... 
    ... 
    /// 
    /// REDIRECT TO UI PAGE INSTEAD OF context.success()??? 

    context.success();
  }
}

dasniko · March 4, 2025, 6:15am

Implementing a custom Authenticator would be the (best) way to go.

In your authenticate method, you have to set a (custom) form (.ftl file) to the context, not calling context.success().
This form then just has as form with a submit button. Sending the form initiates the action method. Here you then just can call context.success().

Having a look in some of the built-in authenticators or from examples (like GitHub - dasniko/keycloak-extensions-demo: Demos, examples and playground for Keycloak extensions, providers, SPI implementations, etc.) should give you more information and ideas.

HTH

djordje · March 4, 2025, 1:05pm

tnx for your response, I did it as you said with Authenticator and works fine!
For others facing with same requirements here is my code:

public class CustomAuthenticator implements Authenticator, AuthenticatorFactory {

    public static final String PROVIDER_ID = "custom-authenticator";

    @Override
    public void authenticate(AuthenticationFlowContext context) {
        String execution = context.getExecution().getId();
        UserModel user = context.getUser();
        KeycloakSession keycloakSession = context.getSession();
        RealmModel realm = context.getRealm();

        // .... my logic .....

            context.challenge(challenge);
        } else {
            context.success();
        }
    }

    @Override
    public void action(AuthenticationFlowContext context) {
        context.success();
    }
    @Override
    public AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
        return REQUIREMENT_CHOICES;
    }

... 

rest of required methods

Topic		Replies	Views
Post-login redirect Getting advice	0	3796	April 20, 2021
Authentication with external redirect Getting advice authentication	1	2690	January 31, 2022
How to add additional param to url after successful login Extending the server authentication , oidc	0	1783	January 24, 2022
Conditional IdP Redirector or custom username followed by password login screens? Configuring the server	2	2946	April 6, 2021
Need advice on custom authenticator Getting advice authentication , identity-brokering , oidc	4	200	August 13, 2024

Additional redirect after login

Related topics