Skip to content

Latest commit

 

History

History
42 lines (27 loc) · 1.61 KB

README.md

File metadata and controls

42 lines (27 loc) · 1.61 KB

Keycloak - Whitelist email domain for registration

This extension allows you to validate email domain used for registration in keycloak to accept only a finite list of domain.

You can use basic glob syntax (only * and ? are supported)

How to install

The jar are deployed to Maven Central Repository here : https://repo1.maven.org/maven2/net/micedre/keycloak/keycloak-mail-whitelisting/

Simply drop the jar in the plugin directory, it will be automatically deployed by keycloak.

Wildfly distribution (default until keycloak 16)

The plugin directory is $KEYCLOAK_HOME\standalone\deployments.

Quarkus distribution (default since keycloak 17)

The plugin directory is $KEYCLOAK_HOME\providers.

How to use

  • Go to the admin console, in authentication menu.
  • Copy the registration flow
  • add a new execution below "Profile Validation" and choose "Profile Validation With Email Domain Check"
  • Set the execution "Required"
  • Configure this new execution (otherwise, keycloak will only accept "exemple.org" domains)
  • Change the registration binding to this new flow
  • Configure the realm to accept registration and verify email (this is important!)

Display authorized mail domains in register forms

This extension provides the list of authorized patterns in the authorizedMailDomains attribute of the registration page.

This can be used like this :

 <div class="${properties.kcLabelWrapperClass!}">
                    <label for="email" class="${properties.kcLabelClass!}">${msg("email")} (only ${authorizedMailDomains?join(", ")})</label>
 </div>