[keycloak-user] SAML IdP automatically link account

Glenn Campbell campbellg at teds.com
Tue Aug 23 10:03:16 EDT 2016


I have a SAML IdP that is used only for authentication and a separate
database that contains information about the users, including roles. I've
set up the database in User Federation and the SAML IdP in Identity
Providers.

The problem I have is that when users log in they are prompted to link to
an existing account. This is confusing for them because from their
perspective the only account they know about is the one on the SAML IdP.

Is it possible to configure this Identity Provider to be "trusted" so that
the accounts are linked automatically? I started looking into creating a
custom authenticator based on the documentation and the custom
authenticator in the example code but I don't see what the necessary steps
are to cause the automatic account linking.

Any suggestions would be greatly appreciated.