Login form: How to add domain to username if users do not enter it?

unicyclist · September 15, 2020, 8:55am

Hi,

we have the following scenario:

using LDAP as user federation
our users are used to login with “firstname.lastname” to our other systems
unfortunately, in our LDAP we have uid="firstname.lastname@ourdomain.com"

Can I somehow configure keycloaks login form / authentication to automatically add “@ourdomain.com” if the username is entered without domain so that KC can find it in LDAP?
What would be the easiest way? Could you give me a starting point?

I have these ideas:

do it on the server in the form (means dealing with Java and somehow overriding UsernamePasswordForm?)
somehow do it in the LDAP username field mapping (can we somehow use a regex for mapping and just strip away the domain?)
quick and dirty: do it on the client in javascript before the login form is posted to KC

What do you think? What be the easiest way?

Thanks,

Jörg

Topic		Replies	Views
Authenticate based on a 'domain\user' username	0	353	March 3, 2022
LDAP User federation with Username Form and Password Form Authenticator Getting advice authentication , user-federation , ldap	4	2335	June 24, 2021
Change username of LDAP-only-user invalidates session Getting advice	0	288	September 20, 2021
Keycloak with Active Directory Lookup Configuring the server user-federation	0	560	December 17, 2019
LDAP as an identity provider	0	293	April 11, 2023

Login form: How to add domain to username if users do not enter it?

Related Topics