[keycloak-user] User federation provider taking care of ID provider links

Hello I have implemented a (JPA-based) user federation provider that works pretty fine so far. We now want to be able to load the link information to a federated id provider (like google) from the external datasource into the Keycloak's DB by means of the user federation provider, when the user is initially created in the Keycloak DB via his first login (or via user-synchronization). So far I could see, the user federation SPI works with a UserModel class which does not care about those attributes. Do you see any chance to set such attributes in a userfederation-implementation? One issue is, that keycloak's user entries are deleted when the userfederation provider fails to connect to the federated resource (not found how to to deactivate this behaviour so far). The user entry is recreated after the next login succeeded (OK and fine), but the link to the identity provider is lost (not fine). The other issue is, that we want to administer userattributes completey in the federated datasource to reduce complexity of our datamanagement. Best regards, Eduard Matuszak Dr. Eduard Matuszak Worldline, an atos company T +49 (211)399 398 63 M +49 (163)166 23 67 F +49(211) 399 22 430 eduard.matuszak@atos.net<mailto:eduard.matuszak@atos.net> Max-Stromeyer-Straße 116 78467 Konstanz Germany de.worldline.com<http://worldline.com/de/1/Home.html> worldline.jobs.de<http://worldline.jobs.de> facebook.com/WorldlineKarriere<http://www.facebook.com/WorldlineKarrie... Worldline GmbH Geschäftsführer: Wolf Kunisch Aufsichtsratsvorsitzender: Christophe Duquenne Sitz der Gesellschaft: Frankfurt/Main Handelsregister: Frankfurt/Main HRB 40 417 * * * * * * * * L E G A L D I S C L A I M E R * * * * * * * * This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail by error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavors to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and shall not be liable for any damages resulting from any virus transmitted. * * * * * * * * L E G A L D I S C L A I M E R * * * * * * * *