How to call external APIs from a custom field validator?

BradleyS · March 11, 2023, 1:29am

Does anyone know if it is possible to call external APIs from custom field validators?

Let’s say I wanted to validate a field like username or password (I know password isn’t exposed on user profile but for example) against the HaveIBeenPwnd API?

Is there any good documentation for how to utilize Keycloak’s RestEasy / HttpUtil / etc. to accomplish something like this? I know people suggested on other posts such as this “Can we make an external api call in keycloak files” to use HttpClientProvider but is that the best way in 2023 Keycloak Version 21.0.1?

xgp · March 11, 2023, 9:14am

There’s a nice convenience class for making HTTP requests in Keycloak: SimpleHttp (Keycloak Docs Distribution 21.0.1 API)

You can use it with the session like this:

  SimpleHttp.Response resp =
    SimpleHttp.doPost("https://haveibeenpwned.com/test", session)
    .param("passwd", password)
    .asResponse();

BradleyS · March 13, 2023, 5:03pm

Ok thank you. I remember seeing references to that class but wasn’t sure. I will try using this.

Topic		Replies	Views
Can we make an external api call in keycloak files Getting advice	1	630	September 7, 2022
How can I call an external API from registration flow? Getting advice authentication	0	134	December 8, 2023
Keycloak custom authenticator Rest call	2	521	March 5, 2021
Extending Keycloak Authorization Using External Data Extending the server	3	929	June 1, 2022
Can we call keycloak rest api from keycloak js plugin Getting advice adapter-javascript	0	526	June 15, 2020

How to call external APIs from a custom field validator?

Related Topics