Support for more/custom keycloak_ldap_mapper types? #230
Comments
|
There was some work in #228 to support arbitrary configuration options for realms that get passed directly to Keycloak API with rest of data from this module. That same approach might work for LDAP mapper too. The big downside to allowing arbitrary key/value pairs is you lose validation. Do you have any example data for some of those other LDAP mapper types I could use in validating new code works to add those LDAP mappers? Just one or two examples be good enough I think. If you just provide the JSON dump from kcadm that's fine, can redact as needed. |
|
Here is the configuration of a self-written ldap mapper that converts LDAP's {
"id" : "3b1d2883-3b58-44d5-a060-dee13a5f0211",
"name" : "creation-date",
"providerId" : "user-attribute-enhanced-ldap-mapper",
"providerType" : "org.keycloak.storage.ldap.mappers.LDAPStorageMapper",
"parentId" : "ldap",
"config" : {
"ldap.attribute" : [ "whenCreated" ],
"is.mandatory.in.ldap" : [ "true" ],
"is.binary.attribute" : [ "false" ],
"read.only" : [ "true" ],
"always.read.value.from.ldap" : [ "false" ],
"user.model.attribute" : [ "createdTimestamp" ]
}
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, the list of supported types for the
keycloak_ldap_mapperis hardcoded to:In Keycloak 15.0.2 the following LDAP mappers (for AD) are available:
In addition to the built-in LDAP mappers one can add custom ones with their own ID. Do you see a way to support custom ldap mappers in the module?
Puppet module version: 7.12.0
Keycloak version: 15.0.2
The text was updated successfully, but these errors were encountered: