[keycloak-user] User federation email verification

Adam Keily adam.keily at adelaide.edu.au
Wed Aug 16 21:39:45 EDT 2017


Hi all,

Using rhsso7.1. I've configured a realm to federate users from LDAP (several thousand existing corporate accounts) and allow registration of external users to the realm.

The realm is configured to verify email. I only want users who register using a form or social IdP to have to verify their email though. With the realm setting 'Verify Email=On', it is prompting my LDAP users to verify their corporate email the first time they login.

Is there a simple way to prevent LDAP federated users from having to verify their email address whilst still enforcing verification for registered accounts. With social IdP's I can set them to trust email but is there a way to do something similar with ldap federation users? Or would I need to build a custom user federation spi?

Thanks
Adam

--
Adam Keily
Identity and Access Management Specialist
Security and Architecture
The University of Adelaide
Phone: +61883139112
Mobile: +61438898513
adam.keily at adelaide.edu.au<mailto:adam.keily at adelaide.edu.au>

CRICOS Provider Number 00123M
-----------------------------------------------------------
IMPORTANT: This message may contain confidential or legally privileged information. If you think it was sent to you by mistake, please delete all copies and advise the sender. For the purposes of the SPAM Act 2003, this email is authorised by The University of Adelaide.



More information about the keycloak-user mailing list