[keycloak-dev] LDAP Federation & Subject ID's

gambol gambol99 at gmail.com
Thu Jun 21 08:08:06 EDT 2018


It appears I can map the sub claim to a user property, i.e. email ... But not
a user attribute ... I was hoping to just add a uid to the user and manage it
like that, assuming we can't get LDAP mapping working correctly

On Wed, Jun 20, 2018, 12:04 PM gambol <gambol99 at gmail.com> wrote:

> Hiya
>
> One of our projects is looking to tie Knox and Keycloak together; with
> some documentation here
> https://community.hortonworks.com/articles/196751/knox-accept-third-party-jwt.html.
> At the moment the users are being federated to an LDAP user store.
>
> The issue at the moment is the subject ID, they would like this mapped
> 'uid' attribute to the user representation in LDAP, is this simply a matter
> of changing the 'UUID LDAP attribute' .. They did try and they started
> getting errors logging in, I'm guessing this was perhaps due to changing
> the mapping once users had already been imported? ...
>
> Alas, I don't have access to components myself, so acting as a middle man
> at the moment
>
> Rohith
>

