Support for more/custom keycloak_ldap_mapper types? #230
There was some work in #228 to support arbitrary configuration options for realms that get passed directly to the Keycloak API with the rest of the data from this module. That same approach might work for LDAP mappers too. The big downside to allowing arbitrary key/value pairs is you lose validation. Do you have any example data for some of those other LDAP mapper types I could use in validating new code works to add those LDAP mappers? Just one or two examples would be good enough I think. If you just provide the JSON dump from kcadm that's fine, can redact as needed.
Here is the configuration of a self-written ldap mapper that converts LDAP's

```json
{
  "id" : "3b1d2883-3b58-44d5-a060-dee13a5f0211",
  "name" : "creation-date",
  "providerId" : "user-attribute-enhanced-ldap-mapper",
  "providerType" : "org.keycloak.storage.ldap.mappers.LDAPStorageMapper",
  "parentId" : "ldap",
  "config" : {
    "ldap.attribute" : [ "whenCreated" ],
    "is.mandatory.in.ldap" : [ "true" ],
    "is.binary.attribute" : [ "false" ],
    "read.only" : [ "true" ],
    "always.read.value.from.ldap" : [ "false" ],
    "user.model.attribute" : [ "createdTimestamp" ]
  }
}
```
Currently, the list of supported types for the `keycloak_ldap_mapper` is hardcoded to:

In Keycloak 15.0.2 the following LDAP mappers (for AD) are available:
In addition to the built-in LDAP mappers one can add custom ones with their own ID. Do you see a way to support custom ldap mappers in the module?
Puppet module version: 7.12.0
Keycloak version: 15.0.2
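
Added example, not code from the Puppet module or from anyone in this thread: one way to keep some validation while accepting custom mapper types is to check the shape of the mapper instead of its `providerId`. The invariants used (fixed `providerType`, `config` values as arrays of strings, four `true`/`false` keys) are assumptions read off the JSON dump posted in the thread, and `validate_custom_ldap_mapper` is a hypothetical helper.

```ruby
require 'json'

# Assumption: every LDAP mapper carries this providerType, as in the thread's dump.
LDAP_MAPPER_PROVIDER_TYPE = 'org.keycloak.storage.ldap.mappers.LDAPStorageMapper'
# Assumption: these keys are booleans encoded as the strings "true"/"false".
BOOLEAN_KEYS = %w[is.mandatory.in.ldap is.binary.attribute read.only
                  always.read.value.from.ldap].freeze

# Hypothetical helper: returns a list of problems, empty when the shape is acceptable.
# providerId is deliberately not checked against a fixed list, so custom mappers pass.
def validate_custom_ldap_mapper(mapper)
  return ['mapper must be a JSON object'] unless mapper.is_a?(Hash)
  errors = []
  %w[name providerId parentId].each do |field|
    value = mapper[field]
    errors << "#{field} must be a non-empty string" unless value.is_a?(String) && !value.strip.empty?
  end
  unless mapper['providerType'] == LDAP_MAPPER_PROVIDER_TYPE
    errors << "providerType must be #{LDAP_MAPPER_PROVIDER_TYPE}"
  end
  config = mapper['config']
  return errors << 'config must be an object' unless config.is_a?(Hash)
  config.each do |key, values|
    unless values.is_a?(Array) && !values.empty? && values.all? { |v| v.is_a?(String) }
      errors << "config[#{key}] must be a non-empty array of strings"
      next
    end
    if BOOLEAN_KEYS.include?(key) && !(values.length == 1 && %w[true false].include?(values.first))
      errors << "config[#{key}] must be [\"true\"] or [\"false\"]"
    end
  end
  errors
end

# The mapper dump from the thread ("id" omitted), used as sample input.
THREAD_MAPPER = JSON.parse(<<~DUMP)
  { "name": "creation-date",
    "providerId": "user-attribute-enhanced-ldap-mapper",
    "providerType": "org.keycloak.storage.ldap.mappers.LDAPStorageMapper",
    "parentId": "ldap",
    "config": { "ldap.attribute": ["whenCreated"], "is.mandatory.in.ldap": ["true"],
                "is.binary.attribute": ["false"], "read.only": ["true"],
                "always.read.value.from.ldap": ["false"],
                "user.model.attribute": ["createdTimestamp"] } }
DUMP

puts validate_custom_ldap_mapper(THREAD_MAPPER).inspect if __FILE__ == $PROGRAM_NAME
```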