2020-03-29 18:31:11 +00:00
|
|
|
# Keycloak - Whitelist email domain for registration
|
2019-06-19 06:31:33 +00:00
|
|
|
|
|
|
|
|
This extension allows you to validate email domain used for registration in keycloak to accept only a finite list of domain.
|
|
|
|
|
|
2021-02-01 17:03:47 +00:00
|
|
|
You can use basic [glob syntax](https://en.wikipedia.org/wiki/Glob_(programming))
|
|
|
|
|
(only `*` and `?` are supported)
|
|
|
|
|
|
2019-06-19 06:31:33 +00:00
|
|
|
## How to install
|
|
|
|
|
|
|
|
|
|
Simply drop the jar in `$KEYCLOAK_HOME\standalone\deployments`, it will be automatically deployed by keycloak.
|
|
|
|
|
|
|
|
|
|
## How to use
|
|
|
|
|
|
|
|
|
|
- Go to the admin console, in authentication menu.
|
|
|
|
|
- Copy the registration flow
|
|
|
|
|
- add a new execution below "Profile Validation" and choose "Profile Validation With Email Domain Check"
|
|
|
|
|
- Configure this new execution (otherwise, keycloak will only accept "exemple.org" domains)
|
|
|
|
|
- Change the registration binding to this new flow
|
2020-03-29 18:31:11 +00:00
|
|
|
- Configure the realm to accept registration and verify email (this is important!)
|
2021-04-14 20:10:46 +00:00
|
|
|
|
|
|
|
|
## Display authorized mail domains in register forms
|
|
|
|
|
|
|
|
|
|
This extension provides the list of authorized patterns in the `authorizedMailDomains` attribute of the registration page.
|
|
|
|
|
|
|
|
|
|
This can be used like this :
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
<div class="${properties.kcLabelWrapperClass!}">
|
|
|
|
|
<label for="email" class="${properties.kcLabelClass!}">${msg("email")} (only ${authorizedMailDomains?join(", ")})</label>
|
|
|
|
|
</div>
|
|
|
|
|
```
|
