I am still learning the whole IdentityProvider, Authentication, Authorization in .NET.
My question is, if I use Keycloak as my IdentityProvider, is it a good idea to still create a User DB table and then just keep both Keycloak and the User DB in sync?
I tried doing some reading but still have a hard time understanding the concept.
CodePudding user response:
I don't think you can configure Keycloak to use your SQL database. Keycloak supports Kerberos and LDAP ("User federation") or Identity providers (Bitbucket, Facebook, GitHub, Google, Twitter, ..., i.e. services which support OAuth 2.0), which can be included e.g. via OpenID or SAML. In the enterprise environment you often have HCL Domino or Microsoft AD, so you can use the LDAP connection here. Keycloak does not take over the data management itself but only uses identity sources that are connected. However, you can configure whether Keycloak has read-only access or whether it can also modify data.
Maybe this article about Keycloak's core concept can help you further: https://developers.redhat.com/blog/2019/12/11/keycloak-core-concepts-of-open-source-identity-and-access-management