From 645c053a9d1daffd308fe42bbf715f314551fc18 Mon Sep 17 00:00:00 2001 From: mposolda Date: Mon, 11 Mar 2019 19:47:10 +0100 Subject: [PATCH] KEYCLOAK-6056 Map user by Subject Alternative Name (otherName) when authenticating user with X509 --- server_admin/topics/authentication/x509.adoc | 1 + 1 file changed, 1 insertion(+) diff --git a/server_admin/topics/authentication/x509.adoc b/server_admin/topics/authentication/x509.adoc index fb66c00d17..07b0601f9a 100644 --- a/server_admin/topics/authentication/x509.adoc +++ b/server_admin/topics/authentication/x509.adoc @@ -26,6 +26,7 @@ Supported Certificate Identity Sources:: - Match SubjectDN using regular expression - X500 Subject's e-mail attribute - X500 Subject's e-mail from Subject Alternative Name Extension (RFC822Name General Name) +- X500 Subject's other name from Subject Alternative Name Extension. This is typically UPN (User Principal Name) - X500 Subject's Common Name attribute - Match IssuerDN using regular expression - X500 Issuer's e-mail attribute