如何将 Microsoft 用户从 Azure 同步到 Keycloak [英] How to synchronize Microsoft users from Azure into the Keycloak

问题描述

我们正在想办法将用户从 Azure 帐户同步到 Keycloak?

We are trying to figure out a way to synchronize users from Azure Account into the Keycloak?

很遗憾，我们找不到它的文档

Unfortunately, we could not find a documentation for it

你知道正确的方法吗?

我想将 Azure 用作我可以用来验证我的用户身份的外部数据库.

I want to use Azure as an external DB that I can use to authenticate my users.

谢谢

推荐答案

我想将 Azure 用作可用于身份验证的外部数据库我的用户

I want to use Azure as an external DB that I can use to authenticate my users

为此，您可以使用 Keycloak 的用户联盟功能:

For that you can use Keycloak's User Federation functionality:

许多公司都有现有的用户数据库来保存信息关于用户及其密码或其他凭据.在很多情况下，只是不可能从那些现有的商店迁移到纯 Keycloak 部署.Keycloak 可以联合现有的外部用户数据库.默认情况下，我们支持 LDAP 和 Active Directory，但您还可以为任何自定义用户数据库编写自己的扩展，使用我们的用户存储 SPI.

Many companies have existing user databases that hold information about users and their passwords or other credentials. In many cases, it is just not possible to migrate off of those existing stores to a pure Keycloak deployment. Keycloak can federate existing external user databases. By default, we support LDAP and Active Directory, but you can also code your own extension for any custom user database using our User Storage SPI.

它的工作方式是当用户登录时，Keycloak 会查看它自己的内部用户存储来查找用户.如果找不到在那里，它将遍历您拥有的每个用户存储提供程序为领域配置，直到找到匹配项.数据来自外部存储映射到一个通用的用户模型，由Keycloak 运行时.(..)

The way it works is that when a user logs in, Keycloak will look into its own internal user store to find the user. If it cannot find it there, it will iterate over every User Storage provider you have configured for the realm until it finds a match. Data from the external store is mapped into a common user model that is consumed by the Keycloak runtime. (..)

在文档的该部分中，您拥有所需的一切.尽管如此，要添加用户联盟:

In that section of the documentation you have all that you need. Nonetheless, to add the User Federation:

• 去你的领域；
• 选择用户联盟；
• 添加提供商 ->ldap;
• 相应地配置所有必需的设置；
• 保存.

这篇关于如何将 Microsoft 用户从 Azure 同步到 Keycloak的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！