Load Ldap Information on the fly

Hello out there,

I want to use keycloak to authenticate my users.
The user informations are stored in ldap (Active-Directory).
The configuration worked, the users got imported.

But my question is, why do they get imported ?
Whey does keycloak not pass the requests to ldap immediately ?

best wishes

It’s dependent on the storage mode you use. By default, Keycloak imports the users, but it can be configured not to. See the storage mode documentation here: Server Administration Guide

Thank you very much, is there still some kind of caching if using this option?
When I change some group membership change does not change in the access token.

UPDATE: Yes there is, and this fixed my issue.

Thank you very much