libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

broker

Browse source
This commit is contained in:
Bill Burke 2016-05-27 14:11:50 -04:00
parent d10b8c878c
commit fc93f3dae9
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
topics/identity-broker/first-login-flow.adoc
View file

@ -9,7 +9,7 @@ there can be two situations:
* There is already a {{book.project.name}} user account imported and linked with the authenticated identity provider account.
In this case, {{book.project.name}} will just authenticate as the existing user and redirect back to application.
* There is not yet an existing {{book.project.name}} user account imported and linked for this external user.
Usually you just want to register and import the new account into {{book.project.name} database, but what if there is existing
Usually you just want to register and import the new account into {{book.project.name}} database, but what if there is existing
{{book.project.name}} account with the same email? Automatically linking the existing local account to the external
identity provider is a potential security hole as you can't always trust the information you get from the external identity provider.