Hello,
We have successfully configured Keycloak as an identity broker, and used some SAML
attribute mappers to pull SAML claims into user attributes within Keycloak, e.g.
national-id, birthdate, and so on.
We also have configured an LDAP storage backend under User Federation, along with
attribute to LDAP mappers.
Is there a way to configure Keycloak to push a newly verified user (I mean after email
verification) attributes into LDAP automatically? It dawned on me that the user-LDAP
mapping is more of a "pull from LDAP into Keycloak" type of mapping and not the
other way around. I do know there is a sync option but I was wondering if the push from
SAML to Keycloak to LDAP could be done in "one transaction" on first login?
Show replies by date