Account Usage of Identity Provider in case of Identity Broker

Hi,
we want to use Keycloak as part of our application setup.

Our application prides itself on also working in case no internet connection is available.

But we also want to connect to the OIDC IdP of our customers to copy the users and extend them with extra attributes.

If we use Keycloak as an identity broker and configure the IdP, the users will be duplicated to our Keycloak instance on first sign-in, but no passwords of those users are saved, if I understand that correctly.

Therefore, if the internet connection is gone, we will not be able to log in with the linked users at all.

I also saw no possibility to transfer the users of another OIDC IdP at the start. They are first created (and linked) when the user logs in for the first time.

My questions would be:

  • Is there a possibility to “handle” OIDC IdPs like an LDAP scenario?
  • Can we synchronize the users at the start somehow so that we can assign user groups (with attributes) to them directly?