Rewrite username with SAML/OpenIDC Logins

First of all, thank you for providing such great software as open source.

I have successfully setup discourse on our server with OpenIDC integration to our local keycloak server. However, keycloak delivers user names as domain1\user and domain2\user etc. Users turn up as domain1_user and domain2_user. I would like to transmogrify the user names, potentially based on regular expresions. I would like to have user names to be user_domain1 and user_domain2.

As far as I can see, this is not properly supported in either the SAML or the OpenIDC connector. I tried modifying the source code of the connectors but the mapping probably needs to be done in a lot of places and I did not succeed.

Has anyone succeeded with such a setup yet?

I looked into configuring this into Keycloak, but Keycloak does not allow regular expressions in client mappings or from upstream federation servers on login…

1 Like

I think the required modifications would be limited to a single function.

1 Like

Oh, neat! I was focusing on OpenIDC but with SAML it looks simpler.

1 Like