User gets linked wrong

I have a KC 20.x server with several configured IDPs and two custom federations (Kerberos and Oracle).

The user logs in successfully via IDP MS Azure, but when the linking happens KC kinda checks everything (going through the 2 federations to find a user).

The problem is that the Oracle federation can contain an email address that is also used for the MS Azure login, so when the linking happens it gets linked to the Oracle federation. I noticed this side effect in the admin console when the main username was not e.g. “ttina” but it was “”. The email address is not wanted. When I disable both federations everything is fine, but I need them, sadly. So where or how can I force KC to link it to the IDP when the user logged in there?