Simple login flow

Keycloak allows you to configure different flows, such as the First Browser Login flow, found in the Authentication section. An authentication flow is a “container for all authentications, screens, and actions that must happen during login, registration, and other Keycloak workflows,” as explained in greater depth in the official Keycloak documentation.

In the case of integration of an OpenID Connect (OIDC) Provider, you need to customize the default Keycloak behavior and allow the user profile to be automatically created in the Keycloak’s database on first redirect from the OIDC provider or automatically associated with the user in the Keycloak database through the existing email address. For this reason we need to create a custom flow, what has been referred to as a Simple Login Flow.

Note

Complete these steps before continuing on to Okta integration.

  1. Navigate to the Flows tab and click New, using the default top level flow type.

  2. Click Add an execution.

  3. Select Create user if unique, and then select the ALTERNATIVE requirement.

  4. Click Add an execution again.

  5. This time, select Automatically set existing user, and then select the ALTERNATIVE requirement.