
I have a Keycloak client that exchanges a Google access token for a Keycloak token via an HTTP request to /auth/realms/REALM/protocol/openid-connect/token. This client is linked to the Google IdP, but by default uses another authentication flow. When the token is exchanged for the first time, a new user is also registered. I need to apply a custom First Broker Login to register a new user, or a special SPI, on this client.

I can't find where in the console I can do it. Is it possible?

  • I created a custom extension using the "IdpCreateUserIfUniqueAuthenticator" class as a base. In the Authentication page I create a new "First Broker Login", adding the new "Execution". In the "Identity Provider" I use this flow. I don't know if it is possible to use "Authentication Flow Overrides" in the client together with the Identity Provider's "First Login Flow". – Andre Piantino Jan 27 '23 at 19:14
  • Please provide more details on what the first login flow should do. In general, you can create custom first login flows via the Keycloak administration interface. Navigate to "Authentication" in the sidebar. Create your own custom flow and select it in the IDP settings "first login-flow". – bro Mar 08 '23 at 08:25

0 Answers