I somehow configured Keycloak for SAML authorization with Discourse, even transparent user creation works.
But now there is a problem with passing user fields.
I configured the following field mapping in Keycloak SAML (found on the Internet):
When I log into Discourse, I create a new user through Keycloak. This is what a user looks like in Keycloak:
After that, the created user is transferred to Discourse. This is how fields for which there is a mapping are transferred to Discourse:
.............................
<saml:AttributeStatement>
<saml:Attribute FriendlyName="Email" Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">a.nakhimov@yandex.ru</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="Username" Name="name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">v.pupkin</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
........................
This is what the submitted user looks like in Discourse:
Points 1, 3 and 4 are completely correct. But I don’t like point 2… In Keycloak, the user has a normal First and Last Name. Why is only the first letter of the First Name left in Discourse? Is there any way to fix this? Maybe I need to do some other mapping in SAML?