Go to file
Cédric Couralet 56f765568b Add some docs on where to find jar
Signed-off-by: Cédric Couralet <cedric.couralet@insee.fr>
2022-03-18 08:45:30 +01:00
.github Ossrh profile should be explicitly enabled 2021-08-02 08:43:50 +02:00
src/main Add support for validating full email adress 2022-03-18 08:44:28 +01:00
.gitignore 🎉 First try 2019-06-19 07:21:48 +02:00
LICENSE 🎉 First try 2019-06-19 07:21:48 +02:00
pom.xml Ossrh profile should be explicitly enabled 2021-08-02 08:43:50 +02:00
README.md Add some docs on where to find jar 2022-03-18 08:45:30 +01:00

Keycloak - Whitelist email domain for registration

This extension allows you to validate email domain used for registration in keycloak to accept only a finite list of domain.

You can use basic glob syntax (only * and ? are supported)

How to install

The jar are deployed to Maven Central Repository here : https://repo1.maven.org/maven2/net/micedre/keycloak/keycloak-mail-whitelisting/

Simply drop the jar in the plugin directory, it will be automatically deployed by keycloak.

Wildfly distribution (default until keycloak 16)

The plugin directory is $KEYCLOAK_HOME\standalone\deployments.

Quarkus distribution (default since keycloak 17)

The plugin directory is $KEYCLOAK_HOME\providers.

How to use

  • Go to the admin console, in authentication menu.
  • Copy the registration flow
  • add a new execution below "Profile Validation" and choose "Profile Validation With Email Domain Check"
  • Set the execution "Required"
  • Configure this new execution (otherwise, keycloak will only accept "exemple.org" domains)
  • Change the registration binding to this new flow
  • Configure the realm to accept registration and verify email (this is important!)

Display authorized mail domains in register forms

This extension provides the list of authorized patterns in the authorizedMailDomains attribute of the registration page.

This can be used like this :

 <div class="${properties.kcLabelWrapperClass!}">
                    <label for="email" class="${properties.kcLabelClass!}">${msg("email")} (only ${authorizedMailDomains?join(", ")})</label>
 </div>