Pedro Igor
Pedro Igor
@ihard Are you able to reproduce without using `ldaps`? Trying to correlate this issue with https://github.com/keycloak/keycloak/issues/31001.
@ihard Thanks. I have a hard time reproducing the issue. What I'm doing is basically: * A brand new distribution * Create a realm * Create an LDAP provider, test...
@ihard Thanks for the video, it makes sense now. Sent the fix https://github.com/keycloak/keycloak/pull/31081. The error you were facing is because the code was validating the `Bind DN`. As you are...
Looks like the users you are trying to federate share the same ID ? Is that the case?
One of the main ideas behind the Validation API (the one used by UP) is to support different input types such as realms, clients, etc. We should be able to...
The use case is valid and we need to make it work. It should not matter how much "deep" it is when chaining services and executing token exchanges. IMO, the...
The behavior is expected because both users are `unmanaged` members. In this case, after the identity-first login page their organization will not be resolved because you are providing only the...
But if you hide it for non-organization members how onboarding new members would look like if `Hide on Login Page=OFF`, `Hide for non organization member=ON`, and the username/email does not...
I see. I'm not sure if we can assume that this is always the case though and if other user cases want to allow users authenticating to IdPs from other...
@martin-kanis Overall I agree with the changes you are proposing but what do you think about https://github.com/keycloak/keycloak/issues/36309#issuecomment-2590766207?