0

I want to restrict client(end-user) by IP-address on Keycloak. Way of Admin console seem to be following url, but there was no information about the client.

How to do IP restrictation for clients in keycloak admin console

Does anyone know any information?

mkg-nd
  • 1
  • 1
  • When you say "client" here are you refering to Keycloak's concept of a client (like in the OIDC spec) or an end-user device (like a laptop or mobile phone)? – sventorben Jan 28 '22 at 18:29

1 Answers1

0

I assume you are trying to implement your own Authenticator. You can get the IP of the end user by context.getConnection().getRemoteAddress().

Here is the Javadoc: https://www.keycloak.org/docs-api/16.0/javadocs/org/keycloak/common/ClientConnection.html#getRemoteAddr--

Note that this is probably easier to do with a reverse proxy (i.e. nginx) in front of keycloak (like the linked post suggests).

Gregor
  • 28
  • 7