Link an IDM user field with "Linked identity providers" in Keycloak

Hello everyone

I’m new to Keycloak. I have installed a Red Hat IDM with local accounts, as well as identity federation in Keycloak.

I am currently able to authenticate via Keycloak with an IDM account (and associated password) as well as through an identity federation account for the same user; as long as I add “Linked identity providers” upstream in Keycloak, everything works.

From now on, I’d like to automate this link between an IDM user and the identity federation. To do this, in IDM, I’ve entered for each user the federation’s identifier in the “ipaIdpSub” field (I don’t know if I’m right to use this IDM field, but I can enter this information elsewhere too).

I’ve pulled up the value “ipaIdpSub” in Keycloak using attributemap, and I matched the Key/Value pair in the Keycloak user’s profile.

My question is: how can I inform Keycloak that this “ipaIdpSub” IDM field must be used as my federation identifier, and activate this federation for each user, without doing all this by clicking?

I’ve tried looking, but something escapes me.

Thanks in advance for your help.