xgp
commented
1 year ago Hello @datenzar. Thanks for your message. I think the documentation is a bit incomplete/misleading right now. The two mechanisms of configuration are for very different use cases. This repository is sort of a bag of different event listeners, and it really depends on what you're trying to do, and how you've planned your Keycloak implementation.
Setting up the listeners that can be configured by realm attributes (e.g. HttpSenderEventListenerProvider, ScriptEventListenerProvider and whatever provider you've set up configuration for) is usually for "slow changing" setups where (as in your use case), you're configuring things via terraform, importing a realm dump, or some other infra-as code.
Webhooks are to allow other programs to subscribe to specific events. This only requires view-events and manage-events client roles, so the use case is for a narrowly constrained external application that needs a separate API for management.
While it is technically possible to configure HttpSenderEventListenerProvider (via realm attributes) and webhooks (via API) to do approximately the same thing, they exist independently to handle the different use cases. In your case, I'd recommend using realm attributes, assuming you are configuring a provider that supports it.
Hi there,
I'm currently reviewing your plugin (quite nice actually) and was wondering, why there are 2 separate mechanisms for configuring the event handling (Realm Attributes and REST API calls).
We're using Terraform as an Infrastructure-as-Code solution and also manage configurations of KC, where it is quite convenient to adjust the realm config with Realm Attributes. However with webhooks, this approach doesn't work without adjustments.
Do you consider to consolidate the configuration of event handlers into a single approach, preferably Realm attributes?