Updating user in federation storage

Hi Folks.

I have external RDBMS storage for users.
Users in this DB are managed by java service.
So we can create, update, delete users via our internal administrative dashboard UI.

For auth process, we’re going to use Keycloak. Obviously, we need to implement User Storage SPI.
As I understand, after login, a user with some attributes(ext_id, phone, password, etc.) will be stored in local cache.

  • Is a user saved in local storage during the first login? I assume not, only in cache.
  • What if in my DB a user was updated. How can we notify Keycloak and evict the cache to apply new attributes?

You can use keycloak admin apis.