Consent management with selective scope authorization

Does Keycloak support selection of certain scopes for granting consent/authorization by the user to the application/OAuth client?
If so, how can it pass the scopes selected by the user during the authorization code workflow after authentication?
We managed to display a custom consent page with checkboxes for each scope, allowing the end user to select what consent the user wants to give to the client/app, but we are not able to find a way to register consent in Keycloak only for those scopes which are selected by the user on the consent screen.

Any help is highly appreciated!

4 Likes

Hi @sagarshah1983, we are struggling with the same issue, did you find a solution? Thx

Unfortunately, no. We did not find a way to manage this. We had some other struggles as well managing our user base, so we decided to move away from Keycloak and use another tool as the auth server.

I’m in the same boat more or less.
How did you manage to display a custom consent page?

I would like the page to ask our backend service for the consent instead of asking the user.

We found it too hard, unfortunately, to customize this when embedding Keycloak in our Spring Boot application. And we faced other challenges overall w.r.t. multi-tenancy and configuration within Keycloak, and so we decided to use other tools for OpenID Connect.

Ok, I’m also struggling with some multi tenancy.
What did you guys end up using?

We ended up using Ory Hydra, which is only a subset of Keycloak in a way that it offers only OpenID Connect and OAuth 2.0 and does not deal with user authentication itself. We can build/reuse our own authentication framework.

Cool, I’ll check it out!
Thanks!