32 lines
865 B
Markdown
32 lines
865 B
Markdown
What does this Keykloak Provider do?
|
|
|
|
Export an anonymized list of User-Attribute values.
|
|
This provider will provide an api endpoit for every configured attribute-group.
|
|
Multivalues attribues are not supported (yet).
|
|
|
|
|
|
|
|
Configuration in Keykloak
|
|
|
|
- Client with Service-Account
|
|
- Assigned roles allow access to attribute export
|
|
- User profile Groups with attributes
|
|
|
|
|
|
```json
|
|
{
|
|
"endpoints": [
|
|
{
|
|
"slug": "myattribute",
|
|
"attribute-group": "myattributes",
|
|
"match-role": "myattribute-access",
|
|
"auth-role": "myattribute-export",
|
|
"attribute-regex": "^(?<key>(ssh-ed25519 AAAAC3NzaC1lZDI1NTE5|ssh-rsa AAAAB3NzaC1yc2)[0-9A-Za-z+/]+[=]{0,3})(\\s.*)?$",
|
|
}
|
|
]
|
|
}
|
|
```
|
|
|
|
|
|
|
|
We recommend using a client with service-account, but you can also use a bot-account to authenticate against the provider.
|