Use Username Template Importer mapper, configured in the identity provider
mappers with template ${ATTRIBUTE.attribute-name} (adjust the
attribute-name appropriately).
--Hynek
On Tue, Jan 10, 2017 at 11:21 AM, Moshe Ben-Shoham <
mosheb(a)perfectomobile.com> wrote:
Hi,
We have a few clients integrated with Keycloak relam, using email address
as the user identifier.
Now we wish to integrate KeyCloak with external IdP using its identity
brokering capabilities based on SAML. The problem is, the user identifier
in the external IdP is not the email address but some other username. We
are able to get the email as an attribute in the SAML assertion coming into
KeyCloak, but the missing part is mapping the email attribute to the user
identifier in KeyCloak - how do we do that?
Thanks!
The information contained in this message is proprietary to the sender,
protected from disclosure, and may be privileged. The information is
intended to be conveyed only to the designated recipient(s) of the message.
If the reader of this message is not the intended recipient, you are hereby
notified that any dissemination, use, distribution or copying of this
communication is strictly prohibited and may be unlawful. If you have
received this communication in error, please notify us immediately by
replying to the message and deleting it from your computer. Thank you.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
--Hynek