Automatically Link Account during an Inbound SAML request

Hello,

I’m trying to automatically link an existing user to an incoming federated identity over SAML. The issue I’m running into was mentioned here on the mailing list - https://lists.jboss.org/pipermail/keycloak-user/2017-January/009089.html

With the combination of the Template Importer Mapper and the ‘Automatically Link Account’ first login flow it still is not succeeding in automatically linking unless you also pre-configure the user with the identity provider’s ID and username. This would defeat the purpose of the ‘automatic’ linking aspect of this process that we’re trying to obtain.

Is there a way to configure this outside of writing a custom java authentication extension?

Thanks!

1 Like