It should be possible to create and share a social configuration. The social provider configuration contains a list of enabled social providers, including the required key/secret for each provider.
To enable social login for an application the developer is required to either associate an existing social configuration with his application, or create a new social configuration and associate that.
There can be a global default social configuration which is shared with everyone, but where only limited users have access to the provider secrets. This results in it being easy to try out social login for your application, but has limitations such as:
- Authorization page on social provider would state something like "Keycloak.com is requesting access to ...." instead of "Demo Application is requesting access to ...."
- A user grants access to all applications instead of individual (groups of) applications
- If a user wants to revoke access he would have to revoke access to all applications running on the Keycloak server
A developer should be able to create his own social config with his own key/secrets and associate that with one or more of his applications.