keycloak-user-migration icon indicating copy to clipboard operation
keycloak-user-migration copied to clipboard

Published 20 hours ago verified publisher icon daniel-frak

Design Question

Open ralphsaunders opened this issue 6 months ago • 1 comments

Hi Daniel,

Thank you for putting in the effort with this provider, it looks really useful.

I was reviewing the documentation and I had a question about the design of the provider.

The docs mention the legacy system needs to provide endpoints for verifying user credentials and providing user info. It occurred to me that OIDC protocol provides those endpoints. Credentials could be verified with ROPC (password grant) and user info could probably be gathered from the /userinfo endpoint.

In an OIDC -> OIDC system migration, could you foresee any issues with the above design approach? My thinking was this would eliminate the need for any bespoke services to be developed for a legacy system if it had OIDC support.

Thank you kindly, Ralph

ralphsaunders avatar Aug 22 '24 12:08 ralphsaunders