I have keycloak set up with LDAP and an IdP for Identity brokering.
Now I want to automatically map the accounts from the IdP to existing
ones in Keycloak.
It seems that the username and email must be the same for the account merging
The IdP’s preferred_username does not match the username from the account so I would
like to use a mapping to change the username to match the existing accounts.
I would like to use a claim that is formatted like @DOMAIN.
How can I extract the USERNAME part and use it in the identity broker?
Help would be much appreciated.