[keycloak-dev] Adding IdentityProviderMappers
frelibert at yahoo.com
frelibert at yahoo.com
Mon Feb 13 05:51:13 EST 2017
Hi,
The identity-provider-mapper SPI is an internal one.Any chance you will make it public?
I'd like to use it to write our own mapper.I actually allready have.I know it is not recommended to depend on an internal spi but I have written a new mapper as I needed something with less work to configure the mapping of our brokered saml idp to user attributes. Our idp returns a lot of attributes and configuring each and every attribute is quite some work.
Moreover, you currently can't export this config from one realm to another in the same environment.My mapper is quite similar to the UserAttributeMapper but not limited to one attribute.It basically takes the incoming assertion and maps every saml attribute it finds to a user attribute with the same name.It has 5 config fields:- optional regex in order to filter out some attribute(s) you don't want to map.- name of attribute to use as firstName property.- name of attribute to use as lastName property.- name of attribute to use as email property.
- option to use saml friendlyName instead of Name to map with the user attribute name.
If you are interested, I am willing to share it with you.I like Keycloak a lot :-)
Kind regards,
Frederik Libert
More information about the keycloak-dev
mailing list