[keycloak-user] Verify email unwanted when users authenticate via Kerberos
Ruch Grégory
gregory.ruch at elca.ch
Tue Feb 27 15:55:19 EST 2018
Hi all,
I have configured a realm in which I have allowed user registration and Kerberos authentication. For user registration I have activated email address verification. Now my issue is that when I do the first login through Kerberos I also need to validate the email address.
I configured it in the same realm because I configured a SAML client application which both self-registered and Kerberos authenticated users need to access.
What I want is having self-registered users validating their email address and authenticating themselves with username/password and accessing all trusted applications with SSO. I want to have “corporate” users authenticate with Kerberos and access all trusted applications (same applications as self-registered users).
Is there another/ a right way to configure keycloak to do what I would like to do? Or should it be implemented as an option in ldap/Kerberos User federation provider such as “Trust email address” which will bypass the required action “verify email”?
Thank you in advance for your help,
Regards,
Greg
More information about the keycloak-user
mailing list