[keycloak-user] Keycloak Identity Broker to LDAP User Storage?
A. A.
bland999 at hotmail.com
Fri Apr 12 16:08:40 EDT 2019
Hello,
We have successfully configured Keycloak as an identity broker, and used some SAML attribute mappers to pull SAML claims into user attributes within Keycloak, e.g. national-id, birthdate, and so on.
We also have configured an LDAP storage backend under User Federation, along with attribute to LDAP mappers.
Is there a way to configure Keycloak to push a newly verified user (I mean after email verification) attributes into LDAP automatically? It dawned on me that the user-LDAP mapping is more of a "pull from LDAP into Keycloak" type of mapping and not the other way around. I do know there is a sync option but I was wondering if the push from SAML to Keycloak to LDAP could be done in "one transaction" on first login?
More information about the keycloak-user
mailing list