Keycloak with remote AD using a websocket/rGPD and connector

Hello, I’m a noob with Keycloak and I’m reading all the documentation, but I have been assigned to an individual project for the university. I have some weeks to do it, I’m totally lost and I need help :(

I need to code an AD-connector to open a websocket between the Keycloak network and the remote AD network, because I can’t use a VPN or open ports for the AD. This connector has to receive the user and password from the Keycloak network through the websocket, check the credentials and send back the user’s data (full name, group…). I have done that.

The problem is: I have to program something in the Keycloak network to do that, because I guess Keycloak can’t send the user and password and wait for another system to reply; it has to “ask” an LDAP or a database. So I guess I have to code something that can understand the Keycloak query, extract the user and password, send them through the websocket, wait for the JSON with the user’s data and do something with that data, because Keycloak has to understand it as an LDAP reply or a database reply.

Does anyone have an idea how to extract the username and password from Keycloak, and then how to give Keycloak the user data for the mappers? I don’t know where I should start, and I don’t know if it’s even possible.