keycloak-group-by-domain/README.md

43 lines
1.6 KiB
Markdown
Raw Normal View History

2020-03-29 18:31:11 +00:00
# Keycloak - Whitelist email domain for registration
2019-06-19 06:31:33 +00:00
This extension allows you to validate email domain used for registration in keycloak to accept only a finite list of domain.
2021-02-01 17:03:47 +00:00
You can use basic [glob syntax](https://en.wikipedia.org/wiki/Glob_(programming))
(only `*` and `?` are supported)
2019-06-19 06:31:33 +00:00
## How to install
The jar are deployed to Maven Central Repository here : https://repo1.maven.org/maven2/net/micedre/keycloak/keycloak-mail-whitelisting/
2022-02-24 08:11:09 +00:00
Simply drop the `jar` in the plugin directory, it will be automatically deployed by keycloak.
2022-03-04 17:30:24 +00:00
### Wildfly distribution (default until keycloak 16)
2022-02-24 08:11:09 +00:00
The plugin directory is `$KEYCLOAK_HOME\standalone\deployments`.
2022-03-04 17:30:24 +00:00
### Quarkus distribution (default since keycloak 17)
2022-02-24 08:11:09 +00:00
The plugin directory is `$KEYCLOAK_HOME\providers`.
2019-06-19 06:31:33 +00:00
## How to use
- Go to the admin console, in authentication menu.
- Copy the registration flow
- add a new execution below "Profile Validation" and choose "Profile Validation With Email Domain Check"
2022-02-24 08:11:09 +00:00
- Set the execution "Required"
2019-06-19 06:31:33 +00:00
- Configure this new execution (otherwise, keycloak will only accept "exemple.org" domains)
- Change the registration binding to this new flow
2020-03-29 18:31:11 +00:00
- Configure the realm to accept registration and verify email (this is important!)
## Display authorized mail domains in register forms
This extension provides the list of authorized patterns in the `authorizedMailDomains` attribute of the registration page.
This can be used like this :
```
<div class="${properties.kcLabelWrapperClass!}">
<label for="email" class="${properties.kcLabelClass!}">${msg("email")} (only ${authorizedMailDomains?join(", ")})</label>
</div>
```