We want to use our own Oauth2 / OpenID server (based on keycloak) to manage user authentication.
Strapi use Grant to provide oauth. What is the best way to add a custom provider ? Use our own version of Grant (and make a PR) or can we provide our own provider directly in strapi ?
For the moment we only support grant, although there is currently an RFC going to update Grant to support the new addition of Apple sign in:
From what I can tell Grant/purest doesn’t currently support keycloak: GitHub - simov/grant: OAuth Proxy
I have a strapi PR to add support for CAS which is similar to Keycloak. (e.g. you can host your own server) - I submitted PR to grant first to get CAS added to grant, now we are using CAS via extension and strapi PR is waiting on review. Once CAS was added to grant, it became fairly easy to add support via an extension overlay of the files in the PR - Add support for login via cas - github.com/apereo/cas by hdeadman · Pull Request #8058 · strapi/strapi · GitHub
Here were the grant PRs-
github.com/simov/grant/ PR 160 and PR 172
I am sure you can also add support for keycloak in grant dynamically (as the grant author suggests in response to my PR), but PR is easy, although you have to wait for release and wait for strapi to use it.
Thank you, I’ll go for a PR to grant and strapi.