Determine if user is logged in with IdP or not

xgp · April 25, 2022, 2:39pm

This might help:

After a user login from an external IDP, Keycloak stores user session note data that you can access. This data can be propagated to the client requesting log in using the token or SAML assertion passed back to the client using an appropriate client mapper.

identity_provider

The IDP alias of the broker used to perform the login.

identity_provider_identity

The IDP username of the currently authenticated user. Often, but not always, the same as the Keycloak username. For example, Keycloak can link a user johnto a Facebook userjohn123@gmail.com. In that case, the value of the user session note isjohn123@gmail.com` .

You can use a Protocol Mapper of type User Session Note to propagate this information to your clients.

https://www.keycloak.org/docs/latest/server_admin/#available-user-session-data

Topic		Replies	Views
Validating access to applications for user authenticated on an external identity provider Getting advice identity-brokering , oidc	2	309	November 4, 2022
Allow API login through REST API for IdP users Getting advice authentication , oidc	1	1636	August 9, 2021
Keycloak Login and User Model with custom data from external REST API Getting advice authentication , user-federation , oidc	2	3929	April 28, 2022
Serving access tokens to users already logged in with third party identity provider Getting advice authentication , oidc	0	449	April 7, 2022
Get Identity Provider of a User or Token	0	258	September 16, 2021

Determine if user is logged in with IdP or not

Related Topics