Keycloak not using custom storage provider when storing user retrieved from external idp like google

I am using custom user provider spi . my use case is i want to store user autheticated/retrieved from external idp to my custom user provider spi or my custom DB and
I basically want ‘first broker login’ auth flow to use my user provider spi everytime instead of using keycloak user store .

I integrated custom user spi and checked a user login via external idp but found that it is not calling my custom user provider spi to store user info instead i think it is using keycloak user store.

How can i do so ?

@dasniko @thomasdarimont @mposolda
Can you please check .

My custom provider template is implementing UserRegistrationProvider interface as well .

Thanks in Advance .

I have followed the read only example on keycloak documentation as here

i have added UserRegistrationProvider interface as well to it .
I checked the keycloak source code and found that the UserStoreManager.java itself checks for registered providers and calls them if they have the desired capability interface .

I have also enabled and configured the spi during build process as mentioned here .

i am using the social login flow . While testing i am assuming any of my custom storage provider overridden methods should get called , but same is not happening , keycloak is not calling any method on my custom storage .

Also in the admin console i have configured my custom storage as user federation.

@Bill @dasniko @thomasdarimont @mposolda or Anyone .
Can you guys please confirm if am missing anything here .

Any help is much appreciated .
Thanks !!

You could take a look AbstractIdentityProviderMapper and implement a custom Identity Provider mapper to dynamically handle new users from IdPs.