Keycloak custom login provider

Hi everyone, I wanna customize our keycloak and what I have to do as you can see first we check his keys and if it is correct and not expired then we let him to enter and also everytime user enters we need to save his actions like old tokens also, Do anyone knows how to do this process like adding custom login provider(is there any documentation or tutorial that explains fully architecture of keycloak), also we need to implement our custom theme, there is a .ftl formats is the only way to do this ? Any advices are welcome !

We similarly needed to implement not only a new login theme but add business logic to the process by extending the built-in login authenticator.

You’ll need to create it the same way you’d create any Keycloak Provider; implement a LoginFormsProviderFactory factory that extends FreeMarkerLoginFormsProviderFactory and a LoginFormsProvider of your own that can extend FreeMarkerLoginFormsProvider.

You’ll also create your new freemarker theme the same way you normally would and select it for your client. You can use the build-in bootstrap and javascript libraries or add your own.

The important thing to keep in mind is that this provider overrides the default one; so ALL login form requests will be funneled through your new provider.

A good entrypoint for custom login would be is createCommonAttributes


    @Override
    protected void createCommonAttributes(Theme theme, Locale defaultLocale, Properties messagesBundle, UriBuilder baseUriBuilder, LoginFormsPages page) {
        super.createCommonAttributes(theme, defaultLocale, messagesBundle, baseUriBuilder, page);
        // This code runs for _ALL_ login form requests

        if ("mycustomtheme".equals(theme.getName()) {
            // Your custom logic goes here

You can add items to your Freemarker context with attributes.put("key", object); and access them in the template with ${key}.

Use the uriInfo object if you need to check your current request URL or see any queryparams.

Again, this overrides the default form provider for all login requests so good error handling is a must.

Hope this helped!

1 Like

Thank you very much ! If you have any example resource to look at it for learning purposes, It will be so good !