Reputation: 53
Can't link idp user automatically
I would like that only users who already have a Keycloak account with the same e-mail address (user name) can log in via the idp. Keycloak already has documentation here on how the authentication flow should look. Unfortunately, this does not work for me. I have activated the “Login with email” option in the realm settings and all users in Keycloak have an email as their username. It's about Openid connect with Microsoft Azure.
My authentication flow configuration
I get this error when I log in
Why is this happening?
I have tried various authentication flows. Unfortunately without success.
Upvotes: 0
Views: 379
Answers (1)
Reputation: 53
I have found a solution. With the following mapper, the user is automatically assigned based on the e-mail:
Upvotes: 2
Related Questions
- Keycloak with AzureAD how to change the IDP user ID / IDP Links
- Second login with remote IdP through Keycloak fails, "Invalid username or password"
- Redirect to the original web page after external idp authorization via Keycloak
- Keycloak configured with Azure as IDP and MSAL on Android
- Auto merge authenticated user from IDP with the existing user in the keycloak
- KeyCloak Refresh External IDP Token
- Keycloak - Customer uses multiple email domains on one IdP. How do I configure the IdP in Keycloak to reconize both domains?
- Do not show ANY login form in keycloak but call directly the custom IDP authentication endpoint