Hi everyone,
I connected my Keycloak with an external identity provider using SAML.
Everything is working fine but I would like to improve the workflow when:
- the user exists in my Keycloak
- the user tries to connect using his third provider account
In this case, Keycloak displays a form “Account already exists” and proposes 2 buttons to the user:
- “Review profile”
- “Add to existing account”
I would like to:
- skip this form to directly send the confirmation link to the user
- keep the approach with the confirmation link sent by e-mail: an e-mail is sent to the user; this e-mail contains a link; the user clicks on the link to confirm he wants to link his Keycloak account with his account present in the external platform
I tried to duplicate the authentication configuration “first broker login” and to change many parameters.
I was able to remove this form if I use the “reauthentication approach”.
But I was not able to remove this form keeping the “confirmation link sent by e-mail” approach.
I tried to create a new workflow from scratch. At one point I had:
- the form removed
- a link sent by e-mail
But when I clicked on the link sent by e-mail, the link between Keycloak and the third IDP is never established…
My questions:
- Is it possible to do what I want?
- If so, do you have any ideas or a workflow that works for me?
Thank you very much