Question about Keycloak and saving the user in the database?

S

sasuke222020-10-22 08:33:19

Spring

sasuke22, 2020-10-22 08:33:19

Hi all! I started to learn Keycloak and I have a few questions:
1) How do I handle the registration event so that I can insert some user data into my application's database? Or how should it be implemented? I couldn't find any suitable guides for Spring Boot.
2) I created and configured my client, set the access type to Confidential. Authentication works fine, but the question is, how does Keycloak verify my user? Because I'm not explicitly sending an access token to my backend. Does it use the Oauth_Request_State cookie? Or should I check the accesstoken to see if it contains the client_secret on every request? How does the Keycloak security system work?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

S

sasuke22, 2020-10-22
@sasuke22

2) Just tested with Postman, and to make the principal not null, set the SesssionId and Oauth_Token_Request_State values and the request worked, so it's more likely all based on cookies.
1) Keycloak EventListener SPI even does not work, did it through authenticationSuccessHandler)