Todd Kazakov

@SVilgelm we have extended keycloak by adding a new **custom** admin endpoint (https://github.com/tidepool-org/keycloak-extensions/tree/master/admin/src/main/java/org/tidepool/keycloak/extensions/resource). I had to copy some of the gocloak internal functions in order to call it - you...

At Tidepool, for compliance reasons, we have the need to support time delineated data sharing. We store tie series data from personal health devices (e.g. continuous glucose meters) and we...

We provision our third-party IDPs in such way that a special role is associated to the user when they sign in. We then deny the authentication user username and password...

@LucasVanHaaren in the IDP settings I have added a mapper which assigns "brokered" role. In the login flow I then check if the user has this role and deny access...

Hi @MilosKozak, here are the client details: Integration: - Authorization Endpoint: https://auth.integration.tidepool.org/realms/integration/protocol/openid-connect/auth - Token Endpoint: https://auth.integration.tidepool.org/realms/integration/protocol/openid-connect/token - Well Known: https://auth.integration.tidepool.org/realms/integration/.well-known/openid-configuration - API Host: https://external.integration.tidepool.org - Client ID:`aaps` - Callback URL:...

@MilosKozak is there any progress on this issue?