如何绕过keycloak登录页面？

Question

I am working on a ReactJS application with a Java background. Is it possible to use a login other than that of keycloak.

I know it's possible to custom the default keycloak theme and add custom field also but I really want to use my reactjs login form instead of redirecting to that of keycloak.

Is it possible? Is it recommended?

There is already a similar question on stackoverflow but not the right answer to the problem.

Thank you all for answering my question

Answer 1

Is it possible?

Yes, the user would insert the username and password into your form. And you would perform behind the curtains a call to a Keycloak Client that you would have to configure with the " Resource Owner Password Credential Grant " flow ( ie, Direct access Grants Enabled in Keycloak ). That call would be requesting a token on the user's behalf.

Now the problem with this approach is that Resource Owner Password Credential Grant should typically be avoided ( source ):

The resource owner password credentials grant type is suitable in cases where the resource owner has a trust relationship with the client, such as the device operating system or a highly privileged application. The authorization server should take special care when enabling this grant type and only allow it when other flows are not viable .

You can read more on why it is not recommended to use that flow in sources such as this .

So you would be compromising a bite of security there. Moreover, you might want to provide other Keycloak functionality ( eg, OTP and social media login) that is seamlessly integrated with its Theme template. Then you might have to adapt your application based on new Keycloak releases and so on. Unless you really have a very good reason to I would not recommend it. You can opt to simply customize the default theme. It is just a form anyway, after that the user can be immediately redirected to your app.