libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

recaptcha docs

Browse source
This commit is contained in:
Bill Burke 2015-07-08 19:47:15 -04:00
parent 4a962aa75a
commit 6c9708c700
2 changed files with 28 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docbook/reference/en/en-US/master.xml
View file

@ -44,6 +44,7 @@
<!ENTITY Proxy SYSTEM "modules/proxy.xml">
<!ENTITY CustomAttributes SYSTEM "modules/custom-attributes.xml">
<!ENTITY ProtocolMappers SYSTEM "modules/protocol-mappers.xml">
<!ENTITY Recaptcha SYSTEM "modules/recaptcha.xml">
]>
<book>
@ -108,6 +109,7 @@ This one is short
&IdentityBroker;
&Themes;
&Recaptcha;
<chapter>
<title>Email</title>

26
docbook/reference/en/en-US/modules/recaptcha.xml Executable file
View file

@ -0,0 +1,26 @@
<chapter id="recaptcha">
<title>Recaptcha Support on Registration</title>
<para>
To safeguard registration against bots, Keycloak has integration with Google Recaptcha. To enable this you
need to first go to <ulink url="https://developers.google.com/recaptcha/">Google Recaptcha</ulink>
and create an API key so that you can get your recaptcha site key and secret. (FYI, localhost works by default
so you don't have to specify a domain).
</para>
<para>Next, go to the Keycloak Admin Console. Go to
Authentication->Flows page. Select the 'registration' flow. Set the 'Recaptcha' requirement to 'Required'. Click
on the 'Configure' button and enter in the Recaptcha site key and secret.
</para>
<para>
Finally, you have to change Keycloak's default security headers. In the Admin Console, go to Settings->Security Defenses
of your realm. Add a space and <literal>https://www.google.com</literal> to the values of both the <literal>X-Frame-Options</literal>
and <literal>Content-Security-Policy</literal> headers. i.e.
<programlisting>
frame-src 'self' https://www.google.com
</programlisting>
</para>
<para>
That's it! You may want to edit register.ftl in your login theme to muck around with the placement and styling
of the recaptcha button. Up to you.
</para>
</chapter>