Hello all, I'm working on some POC with keycloak and OpenShift [1] and I'm wondering - is it possible to configure Keycloak in a way, that it won't create new users in local database when acting as a broker? For example, in this case [2], I want to be able to login as `user` from saml broker, but without creating the new user in saml-authentication-broker. Is it possible? Thanks, peter [1] https://github.com/pschiffe/keycloak-demo [2] https://github.com/keycloak/keycloak/tree/master/examples/ broker/saml-broker-authentication _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user

Thanks Stian, is this RFE tracked somewhere? Should I create an issue in JIRA? This feature is important for us from scalability point of view; when all the data are available in remote idp, we don't want to maintain another "cache like" database. Thanks, peter On Tue, Jan 24, 2017 at 8:48 AM, Stian Thorgersen <sthorger(a)redhat.co m> wrote: > It's not currently possible, but it is something we may add at some > point. > > On 23 January 2017 at 19:29, Peter Schiffer <pschiffe(a)redhat.com&gt; > wrote: > > Hello all, > > > > I'm working on some POC with keycloak and OpenShift [1] and I'm > > wondering - > > is it possible to configure Keycloak in a way, that it won't > > create new > > users in local database when acting as a broker? For example, in > > this case > > [2], I want to be able to login as `user` from saml broker, but > > without > > creating the new user in saml-authentication-broker. Is it > > possible? > > > > Thanks, > > > > peter > > > > [1] https://github.com/pschiffe/keycloak-demo > > [2] https://github.com/keycloak/keycloak/tree/master/examples/ > > broker/saml-broker-authentication > > _______________________________________________ > > keycloak-user mailing list > > keycloak-user(a)lists.jboss.org > > https://lists.jboss.org/mailman/listinfo/keycloak-user > > > >