how to sync aps(users) with keycloak?

cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Member II

how to sync aps(users) with keycloak?

Jump to solution

I am using the aps 1.9. i have integrated aps with keycloak. i am able to log in only if  user is available in both aps and keycloak. so, how to sync aps(users) with keycloak?

1 Solution

Accepted Solutions
Highlighted
Alfresco Employee

Re: how to sync aps(users) with keycloak?

Jump to solution
15 Replies
Highlighted
Alfresco Employee

Re: how to sync aps(users) with keycloak?

Jump to solution

One way is to configure both APS and Keycloak to sync against an LDAP server.

Highlighted
Member II

Re: how to sync aps(users) with keycloak?

Jump to solution

hey Bassam Al-Sarori, i am having multiple ldap connected with keycloak. how do i sync in APS here?. ie i have to write custom extension. is there any pointer to do that?

Highlighted
Alfresco Employee

Re: how to sync aps(users) with keycloak?

Jump to solution

APS doesn't read from multiple LDAP servers so yes you'll need to write a custom extension.

You can implement ExternalIdmSourceSyncService (or extend AbstractExternalIdmSourceSyncService) to write your own sync logic see an example here Example implementation | Alfresco Documentation 

Highlighted
Member II

Re: how to sync aps(users) with keycloak?

Jump to solution

In future, if client wants a social login or some login feature, again i have to do some stuff. 

so instead of writing custom extension to sync multiple ldap, i can sync with keycloak right. From keycloak i can do remaining stuff without affecting existing flow.

thanks for the pointers Bassam Al-Sarori‌ .

Highlighted
Member II

Re: how to sync aps(users) with keycloak?

Jump to solution

it will be good if you add this feature to aps.

Highlighted
Member II

Re: how to sync aps(users) with keycloak?

Jump to solution

hi Bassam Al-Sarori‌, this is like repeating the same task(multiple ldap config) in both keycloak and aps. so i don't want to write custom exception to sync multiple ldap. is there any other way?.

Highlighted
Alfresco Employee

Re: how to sync aps(users) with keycloak?

Jump to solution
Highlighted
Member II

Re: how to sync aps(users) with keycloak?

Jump to solution

hey Bassam Al-Sarori‌, how do i configure super admin user in keycloak ?

i have changed the following properties in activiti-app.properties like below,

admin.email=
admin.passwordHash=
admin.lastname=

admin.group=

In keycloak, i have created super admin  group. am i missing something? feel free to correct me.

Highlighted
Alfresco Employee

Re: how to sync aps(users) with keycloak?

Jump to solution

The default admin user needs to be created in APS so you need to set those properties. Then create the same user on Keycloak.