Keycloak for mobile datacenter with poor network

hopoffbaby · October 29, 2020, 5:29pm

Hi All,

I have a use case where I need to provide OIDC functionality to a mobile datacentre. This DC has very poor/intermittent internet connectivity.

I have searched the docs, but I dont seem to be able to find my answer.

What I’d really like from keycloak is to be able to use AzureAD as a user federation location via keycloak, where keycloak caches all of the user info and credentials. In the case of a internet outage the users will be authenticated by keycloaks caches instead of being authenticated by Azure Active Directory.

Does anyone know if this is possible?

If this is possible, would tokens generated by keyclock in its disconnected state be able to be validated by Azure AD later when connectivity is restored?

Thanks,
hopoffbaby

pkadian · October 30, 2020, 4:21am

@hopoffbaby,

It is not tried yet but we can import the users in unsync mode for this it will not lookup AD every time for user authentication. Another approach we can add external infinispan which store long lasting caches.

Topic		Replies	Views
Help with external auth (Azure AD via OIDC) and limited password access	0	243	April 24, 2023
Keycloak token for external idp(Azure) users Getting advice authentication , oidc	4	1961	April 29, 2024
Azure Ad as keycloak identity provider Configuring the server oidc	0	405	June 2, 2021
Linking user from Azure AD to Keycloak account Getting advice user-federation , oidc	4	492	February 2, 2024
Is it possible to use an KeyCloak AccessToken to get access to the Microsoft Graph? Getting advice oidc	11	10692	January 18, 2024

Keycloak for mobile datacenter with poor network

Related Topics