Hello,
I am trying to connect AuthO in Keycloak so that my users can get into Keycloak using Auth0. The huddles I am facing is how to implement this also how do I port users from one service to another or add users. If a new user is added to keycloak how do they have Auth0 access or vice versa?
Hi @anamr,
In your scenario I’m guessing that Keycloak is configured to federate OIDC to Auth0. So, after the user is authenticated in Auth0, Keycloak will receive token and it will do just time Just-in-Time provisioning.
I’m not quite sure why you need to synchronize a user creation from Keycloak to Auth0 - it’s a little bit strange - but you can do this with a custom SPI in Keycloak listening to the creation events and then this custom module will call the Auth0: Users/post_users to create the User in Auth0.
BR,
Martin
Hi @anamr and @embesozzi and all others
I can confirm, Auth0 can be configured as Identity Provider in Keycloak (e.g. as OIDC-v1) - you can authenticate users of your WebApp via Keycloak to Auth0.
but I have one problem - maybe someone can help me on this thread:
I was hoping to pass additional user attributes from Auth0 to the access token generated by KeyCloak (e.g. email from Auth0 or full username from Auth0), but unfortunately this does not happen. Auth0 doesn’t seem to pass this information in the token to KeyCloak.
Can you give me some tips? Or maybe my expectation of the content of the token is wrong, but so far I could transfer such information from KeyCloak to my applications.
Regards,
Bartek
Hi @bartek.
Basically you have the following login flow:
If you want to check information in the Auth0 tokens - just for troubleshooting purposes, just request the token to the Auth0 token endpoint with ROPC using the SAME scopes that you have configured in KC Identity Provider.
Regards,