Ensuring User Data Exists on SAML Flow to 3rd Party


We’ve got a use case where we’re integrating Keycloak as the SSO portal for a 3rd party site using a SAML client. The flow is now working great for the happy path and the 3rd party provisions new users or authenticates existing ones correctly.

The issue is that our 3rd party requires a first and last name, but our main site only wants to require email and password for registration. My question is: what is the best way to ensure a user going through the SAML SSO flow to our 3rd party has a first and last name, and, if not, to prompt them to provide them?

I’ve been playing around with the flows under authentication but haven’t had much luck yet. Would love to see if there’s a recommended solution to this. Apologies if I’ve missed any good docs or articles on this.