Mapping multiple social Accounts to same keycloak user calling services securured by these providers

tstuempfig · November 18, 2021, 9:41am

Hi all,
consider the following situation:
a) Users have accounts at google
b) Same Users have accounts for ms azure (or github, …)
c) I have a client that consumes services from google and azure

how to ensure a single login for a user (be google or azure) and
call the google service for e.g. for “geolocation” followed by azure call e.g. for NLP sentiment service. Respecting the users security assertions.

Regards
Thomas

xgp · November 23, 2021, 4:05pm

If the user has set up those federated accounts, you can then retrieve the tokens from those using the following method:

https://www.keycloak.org/docs/latest/server_admin/index.html#retrieving-external-idp-tokens

Topic		Replies	Views
Allow multiple Google Identity providers in the same realm Configuring the server identity-brokering , oidc	0	1007	April 2, 2020
Keycloak token for external idp(Azure) users Getting advice authentication , oidc	3	1859	February 4, 2021
Using ID Provider and User Federation in one realm Getting advice ldap , oidc	0	501	March 2, 2023
Identity brokering, upstream idp selection without exposing idps Securing applications identity-brokering	5	1473	June 10, 2021
Is Keycloak right solution for my usecase Getting advice	5	2552	January 21, 2021

Mapping multiple social Accounts to same keycloak user calling services securured by these providers

Related Topics