[keycloak-user] How to disable user roles updates with subsequent idp logins?
Bill Burke
bburke at redhat.com
Tue Jun 20 09:11:54 EDT 2017
How are you using our ldap adapter? is "Import Enabled" true or false?
If it is false then Keycloak will not store role mappings if there are
no ldap mapping for it.
On 6/20/17 8:18 AM, Корчемкин Дмитрий wrote:
> Hello,
>
> I have a following scenario: user logs in for the first time from AD FS. There is a mapper in place that assigns him a role. He is then assigned some more roles manually. When he logs in second time, all the roles added by hand are being removed.
>
> I've tried looking for something to disable this on keycloak side, but i don't see anything relevant in documentation. Unfortunately, i don't have access to that particular AD FS. Is there a way to stop this overriding on Keycloak side, or is assigning all roles by mappers the only way?
>
> Best regards,
> Dmitry
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list