[keycloak-user] Not able to create user if firstName is read-only

Byte Flinger byteflinger at gmail.com
Thu Dec 1 02:41:52 EST 2016


I have set up a Keycloak with a PostgreSQL db and also included LDAP as user
federation. I tried setting the firstName (mapped to cn attribute) to
read-only but I realised that if one does that, you cannot create a user;
trying to add a new user fails.

I expected that setting the attribute read-only meant the user is not able
to change it on the account management page; however, an admin should be able
to do so (at least when creating the user, since that makes for a broken
flow as you have to make it writable before creating a new user and then
back to read-only again every time).

Is this a bug? I have not tested registration but suspect that it won't
work either.

