Hacker News | mathieupassenau's comments

Hi,

In this case, we use this procedure from the frontend app. When a user registers on Keycloak, this user is only stored on Keycloak.

Keycloak is used as an authentication provider, a "login with". The user is registered in the app on first use, even if the account already exists in Keycloak.

So, calling "api.add_user_if_not_exists" can be used on every request; only the first has an effect.

The field request.jwt.claim.sub is called "subject"; this is a unique identifier for the user (a GUID with Keycloak). This field is provisioned by Keycloak; the JWT token has been verified by Postgrest with all information (Keys).
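
A sketch of the idempotent registration described in the comment above, as an added example that is not the commenter's or PostgREST's own code. The table `api.users` and its columns are assumptions; only the function name and the `request.jwt.claim.sub` setting come from the comment.

```sql
-- Added example. api.users, keycloak_sub and first_seen are hypothetical names.
CREATE SCHEMA IF NOT EXISTS api;

CREATE TABLE IF NOT EXISTS api.users (
    keycloak_sub text PRIMARY KEY,   -- JWT "sub" claim (a GUID with Keycloak)
    first_seen   timestamptz NOT NULL DEFAULT now()
);

-- Takes no arguments: the subject is read from the setting PostgREST fills in
-- after verifying the token, never from a value the client can choose.
CREATE OR REPLACE FUNCTION api.add_user_if_not_exists()
RETURNS void
LANGUAGE plpgsql
AS $$
DECLARE
    subject text := current_setting('request.jwt.claim.sub', true);
BEGIN
    -- No verified token means no subject: refuse instead of storing an empty row.
    IF subject IS NULL OR subject = '' THEN
        RAISE EXCEPTION 'missing sub claim' USING ERRCODE = '28000';
    END IF;

    -- Idempotent: the first call inserts, every later call is a no-op.
    INSERT INTO api.users (keycloak_sub)
    VALUES (subject)
    ON CONFLICT (keycloak_sub) DO NOTHING;
END;
$$;

-- Constructed check, run by hand in psql: simulate the per-transaction setting
-- with a made-up subject, call the function twice, and count the rows.
BEGIN;
SELECT set_config('request.jwt.claim.sub',
                  '00000000-0000-4000-8000-000000000001', true);
SELECT api.add_user_if_not_exists();
SELECT api.add_user_if_not_exists();
SELECT count(*) AS rows_for_subject
  FROM api.users
 WHERE keycloak_sub = '00000000-0000-4000-8000-000000000001';
ROLLBACK;
```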


I'm not sure how you found my question, but thank you very much for your answer, Mathieu!


Damn! Keycloak on HN homepage! We have used it in production for years. Such a great tool, we deployed an "as a service" version, with a free offer => https://please-open.it


I wrote a blog post about web analytics and authentication. https://www.mathieupassenaud.fr/webanalytics_enemy/ Using "authorization code grant" is not as secure as we imagine with that kind of analytics.



You can submit this link as a PR to this page https://github.com/PostgREST/postgrest-docs/blob/v6.0/ecosys...


Not right now, in a few hours :)


Hi, yes that's it! I have a "HAHAHAHA" label right now

http://www.mathieupassenaud.fr/gmail-auto-labels/img/hahahah...


Ha, I love that someone actually tried it. Was not me though.


Thanks a lot for the advice. I'll take a look at the fold space you mention ;)

