I figured it out. I needed to add a mapper in order to get the email.
Thank you.
From: Stian Thorgersen <sthorger(a)redhat.com>
Reply-To: "stian(a)redhat.com" <stian(a)redhat.com>
Date: Wednesday, December 14, 2016 at 12:55 AM
To: Reed Lewis <RLewis(a)carbonite.com>
Cc: "keycloak-user(a)lists.jboss.org" <keycloak-user(a)lists.jboss.org>
Subject: Re: [keycloak-user] Using Keycloak with Microsoft Azure Active Directory
So the issue is that you're missing the email address? You probably just need to tweak
the scope setting on the provider (try adding email)
On 9 December 2016 at 14:07, Reed Lewis
<RLewis@carbonite.com<mailto:RLewis@carbonite.com>> wrote:
I am attempting to use Microsoft Azure Active Directory with Keycloak.
It is not working correctly.
Here is how I have it configured:
OpenID Connect V1.0
Enabled: On
Store Tokens: On
Store Tokens Readable: On
Trust Email: On
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Token URL:
https://login.microsoftonline.com/common/oauth2/token
Logout URL: <none>
Backchannel Logout: Off
User Info URL: <blank>
First Login Flow: First Broker Login
It directs me to the Microsoft page to login correctly, but when it comes back to
keycloak, it either only has the first and last name, but no email address.
Is there something I have configured incorrectly?
I also tried to use the built in Microsoft connector, but that does not work with Azure
Active Directory.
Thank you,
Reed Lewis
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user