Open Keycloak

Select Clients / Select the SAML Client and Select Mappers

Click on Add Builtin

Add the X500. givenName, sureName and email


Open the Application

Configure the Authentication

For the username you can use

urn:oid:2.5.4.42 + " " + urn:oid:2.5.4.4

This will concatenate the X500 givenName and the surame


For the email you can use the X500 email

urn:oid:1.2.840.113549.1.9.1


You can also define the default usersgroups that a new user will be added to

  • No labels