We created custom user storage federation adapter to migrate users from our legacy system into Keycloak.
What we saw when we did it - users are well migrated and after unlinking from user federation logging in still works…
When we tried to look what’s going on in in the database we saw that new users are stored in user_entity and credentials into credential table.
The question would be for the Keycloak engineers - since there are a lot of user federation related tables in the Keycloak (federated_user, fed_user_credential. etc) we expected them to be used in this process of migration… user details would be placed in these tables and later upon unlink action they would migrate to the main tables… instead, we just have federation_link value set as a sign that user is connected to some provider.
So, is there any mistake in our SPI implementation and usage or these tables are irrelevant and part of some legacy code, and they shouldn’t worry us?
Also, is there any ‘consultancy’ or ‘code review’ that official Keycloak team can provide?
Thanks