如何将Microsoft用户从Azure同步到Keycloak [英] How to synchronize Microsoft users from Azure into the Keycloak

问题描述

我们正在尝试找到一种方法，将用户从Azure帐户同步到Keycloak?

We are trying to figure out a way to synchronize users from Azure Account into the Keycloak?

很遗憾，我们找不到它的文档

Unfortunately, we could not find a documentation for it

您知道正确的方法吗?

我想将Azure用作可用于验证用户身份的外部数据库.

I want to use Azure as an external DB that I can use to authenticate my users.

谢谢

推荐答案

我想将Azure用作可用于身份验证的外部数据库 我的用户

I want to use Azure as an external DB that I can use to authenticate my users

为此，您可以使用 Keycloak的用户联盟功能:

For that you can use Keycloak's User Federation functionality:

许多公司都有保存信息的现有用户数据库 有关用户及其密码或其他凭据的信息.在很多情况下 只是不可能将这些现有商店迁移到 纯Keycloak部署. Keycloak可以联合现有外部用户 数据库.默认情况下，我们支持LDAP和Active Directory，但是您 也可以使用以下代码为任何自定义用户数据库编写自己的扩展名 我们的用户存储SPI.

Many companies have existing user databases that hold information about users and their passwords or other credentials. In many cases, it is just not possible to migrate off of those existing stores to a pure Keycloak deployment. Keycloak can federate existing external user databases. By default, we support LDAP and Active Directory, but you can also code your own extension for any custom user database using our User Storage SPI.

它的工作方式是，当用户登录时，Keycloak会查看 自己的内部用户存储区来查找用户.如果找不到 在那里，它将遍历您拥有的每个用户存储提供程序 为领域配置，直到找到匹配项.来自的数据 外部存储映射到一个通用的用户模型，该模型由 Keycloak运行时. (..)

The way it works is that when a user logs in, Keycloak will look into its own internal user store to find the user. If it cannot find it there, it will iterate over every User Storage provider you have configured for the realm until it finds a match. Data from the external store is mapped into a common user model that is consumed by the Keycloak runtime. (..)

在文档的该部分中，您拥有所需的一切.尽管如此，要添加用户联合:

In that section of the documentation you have all that you need. Nonetheless, to add the User Federation:

• 进入您的境界；
• 选择用户联合；
• 添加提供商-> ldap;
• 相应地配置所有必需的设置；
• 保存.

这篇关于如何将Microsoft用户从Azure同步到Keycloak的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！