I’m using Keycloak by itself (no federation or identity providers). I’d like users to be able to add their own SSH keys somehow and then be able to fetch them via the API and deploy them to our servers.
Is there a way to do this?
I guess they could be put in a user attribute, but I didn’t see any way in the user account console for a user to edit their own attributes.
The new User Profile functionality (as of v14) allows you to set permissions on who can view and edit attributes. You could store the key as an attribute. See the current docs: Server Administration Guide
Thanks, that sounds promising. I have Keycloak 10 currently so I hadn’t seen the new functions.
My users might have multiple SSH keys. Are multi-line values allowed for attributes, or is there a list type, or a way to have multiple instances of an attribute on a user?
I’ve solved that by storing an attribute that is a JSON string. I don’t know if there is a better way to do it, as I don’t believe there is a list type.
Right, that would work, but it’s not great for the users to enter directly in the account console.