Link user to custom OAuth provider #1665
Comments
@fischermario which Keycloak version do you use?
@hsluoyz: For the OAuth tests I'm using the latest release 21.0.1 of Keycloak.
@fischermario 1. Only the user itself can do the link and unlink action.
For 1., we already said that the button is gray because we don't allow an admin to "Link" for another user, even if you are an admin. E.g., you are So ALL people can only link for themselves (aka in this page: https://door.casdoor.com/account instead of: https://door.casdoor.com/users/built-in/erguotou520). If you still find a bug when a user links for themselves, please create a new issue. Given that this issue's topic has diverged too far, it will be closed now.
I'm using Keycloak as an OIDC IdP for Casdoor. I have created a custom OAuth provider in Casdoor according to the official manual.
Unfortunately I cannot link the Casdoor user to the user in Keycloak as the "Link" button in Casdoor is disabled:
The login works as expected if I manually add the User-ID of the Keycloak user to the "custom" column in the "user" table of the Casdoor database.
Is there any way to do this in the UI instead?
What happens if I want to add a second (or third) custom OAuth provider?
Why are there dedicated columns for OAuth providers in the "user" table in the Casdoor database? Wouldn't it be wiser to have a link table to associate only active 3rd party logins (and therefore avoid overhead)?
This kind of "hard-coding" was also mentioned in Be able to link & unlink any 3rd-party login in the account page #36.
When I add the Keycloak SAML provider the user seems to be associated automatically (although I cannot test it due to a bug which I described in Wrong application name with Keycloak SAML login #1662). Why does this work differently?