Externalized user data, account de/registration


I have a separate microservice with a database containing some user information like owned wallets and their IDs. I would like to add these wallet IDs to the user's JWT, which can be done fairly simply via a custom token mapper that can HTTP GET what it needs.

The problem is user registration/removal. When registration happens I would like my microservice to know about it. It would be golden if all user data (like emails in case of social login) could be included in a call somehow, but as long as it contains the Keycloak user id I should be able to fetch that information afterwards. It’s not just shuffling data around but there are some processes I’d like to kick off for new user registrations.

I looked at User Provider SPI but I would still like Keycloak to manage the user accounts themselves so that doesn’t fit. There is a User Profile SPI which sounds like it could be great, however the little documentation I can find seems to say the functionality for my scenario isn’t there yet.

With there seemingly being little support for my case I think I’m doing something bad/stupid. What would you recommend? Should I use an EventListenerProvider to listen to account creation events and handle necessary actions from there?

I have a similar problem that I’ve solved with an EventListenerProvider. Listen to the REGISTER login event and the User.CREATE admin event.

If you also need to do something on a user delete, I’ve found registering for the UserModel.UserRemovedEvent ProviderEvent is a good way to do it.
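
A sketch of the approach described in the reply above, added as an example and not code from either poster: one factory that handles the REGISTER login event, the user CREATE admin event, and `UserModel.UserRemovedEvent`. The class names, the `user-sync` provider id and the `notifyService` hook are hypothetical; only the realm and user IDs are forwarded, so the microservice fetches any further details itself.

```java
import org.keycloak.Config;
import org.keycloak.events.Event;
import org.keycloak.events.EventListenerProvider;
import org.keycloak.events.EventListenerProviderFactory;
import org.keycloak.events.EventType;
import org.keycloak.events.admin.AdminEvent;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.UserModel;

public class UserSyncListenerFactory implements EventListenerProviderFactory {
    // Hypothetical hook: replace with an authenticated call or queue publish to the microservice.
    static void notifyService(String action, String realmId, String userId) {
        System.out.printf("user-sync %s realm=%s user=%s%n", action, realmId, userId);
    }

    @Override public String getId() { return "user-sync"; }
    @Override public void init(Config.Scope config) { }
    @Override public void close() { }
    @Override public EventListenerProvider create(KeycloakSession session) { return new UserSyncListener(); }

    @Override public void postInit(KeycloakSessionFactory factory) {
        // User deletion is published as a ProviderEvent, not as a login or admin event.
        factory.register(event -> {
            if (event instanceof UserModel.UserRemovedEvent) {
                UserModel.UserRemovedEvent removed = (UserModel.UserRemovedEvent) event;
                notifyService("removed", removed.getRealm().getId(), removed.getUser().getId());
            }
        });
    }
}

class UserSyncListener implements EventListenerProvider {
    @Override public void onEvent(Event event) {               // self-registration
        if (event.getType() == EventType.REGISTER) {
            UserSyncListenerFactory.notifyService("created", event.getRealmId(), event.getUserId());
        }
    }

    @Override public void onEvent(AdminEvent event, boolean includeRepresentation) {  // admin console / REST
        if (event.getResourceType() == ResourceType.USER && event.getOperationType() == OperationType.CREATE) {
            String path = event.getResourcePath();             // "users/<id>"
            UserSyncListenerFactory.notifyService("created", event.getRealmId(), path.substring(path.lastIndexOf('/') + 1));
        }
    }
    @Override public void close() { }
}
```

The factory is discovered through a `META-INF/services/org.keycloak.events.EventListenerProviderFactory` file naming the class, and the listener then has to be enabled in the realm's event configuration. Event callbacks run inside Keycloak's own request handling, so the hook should hand off quickly and must not let a microservice outage block registration.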