Hello KeyCloak community.
I am currently setting up a SSO solution proof of concept using KeyCloak.
This project has user registration requirements that are not native to KeyCloak, and I would greatly appreciate your advice/recommendations to meet those requirements or alternative suggestions.
The custom process is planned as follows :
Users attempting to register through the SSO must be authorized by a custom process before being able to use the SSO, and will have a ‘pending’ status applied.
- Automatic user account validation, upon user registration attempt, their details will be automatically compared to an existing prospective user database. If a match is found, the user account status will be set to ‘validated’ and an mail will be sent to the user to inform him that he now has access to SSO linked platforms.
- Manual user account validation, Through KeyCloak if possible, or another back-office linked to the user database, administrators will be able to check ‘pending’ user registrations and validate them, also sending off an email to the user.
I am considering developing a custom registration flow to include a prospective user database check and email trigger, but this seems risky without a deep understanding of KeyCloak.
Alternatively, would it be possible to connect an external API to the KeyCloak user database for this procedure ?
Are any paid options available to make these kinds of additions/alterations to KeyCloak ?