keycloak-scim/server_admin/topics/users/ref-personal-data-collected.adoc

22 lines
1.5 KiB
Text
Raw Normal View History

// Module included in the following assemblies:
//
// server_admin/topics/users.adoc
[id="ref-personal-data-collected_{context}"]
= Personal data collected by {project_name}
By default, {project_name} collects the following data:
* Basic user profile data, such as the user email, first name, and last name.
* Basic user profile data used for social accounts and references to the social account when using a social login.
* Device information collected for audit and security purposes, such as the IP address, operating system name, and the browser name.
The information collected in {project_name} is highly customizable. The following guidelines apply when making customizations:
* Registration and account forms can contain custom fields, such as birthday, gender, and nationality. An administrator can configure {project_name} to retrieve data from a social provider or a user storage provider such as LDAP.
* {project_name} collects user credentials, such as password, OTP codes, and WebAuthn public keys. This information is encrypted and saved in a database, so it is not visible to {project_name} administrators. Each type of credential can include non-confidential metadata that is visible to administrators such as the algorithm that is used to hash the password and the number of hash iterations used to hash the password.
* With authorization services and UMA support enabled, {project_name} can hold information about some objects for which a particular user is the owner.