diff --git a/infra/values/upc-dev/keycloak-values.yaml b/infra/values/upc-dev/keycloak-values.yaml
index 2608288..5c73789 100644
--- a/infra/values/upc-dev/keycloak-values.yaml
+++ b/infra/values/upc-dev/keycloak-values.yaml
@@ -15,6 +15,29 @@ keycloakConfigCli:
 microsoft-idp.json: |
 {
 "realm": "forte",
+ "authenticationFlows": [
+ {
+ "alias": "auto-link-first-broker-login",
+ "description": "Auto-link IdP accounts to existing users by email",
+ "providerId": "basic-flow",
+ "topLevel": true,
+ "builtIn": false,
+ "authenticationExecutions": [
+ {
+ "authenticator": "idp-create-user-if-unique",
+ "authenticatorFlow": false,
+ "requirement": "ALTERNATIVE",
+ "priority": 10
+ },
+ {
+ "authenticator": "idp-auto-link",
+ "authenticatorFlow": false,
+ "requirement": "ALTERNATIVE",
+ "priority": 20
+ }
+ ]
+ }
+ ],
 "identityProviders": [
 {
 "alias": "forte-entra",
@@ -22,7 +45,7 @@ keycloakConfigCli:
 "providerId": "microsoft",
 "enabled": true,
 "trustEmail": true,
- "firstBrokerLoginFlowAlias": "first broker login",
+ "firstBrokerLoginFlowAlias": "auto-link-first-broker-login",
 "config": {
 "clientId": "7995d2b5-b798-4caf-8da6-b00b78bb34d7",
 "clientSecret": "$(env:MS_IDP_CLIENT_SECRET)",
@@ -38,7 +61,7 @@ keycloakConfigCli:
 "enabled": true,
 "storeToken": true,
 "trustEmail": true,
- "firstBrokerLoginFlowAlias": "first broker login",
+ "firstBrokerLoginFlowAlias": "auto-link-first-broker-login",
 "config": {
 "clientId": "7995d2b5-b798-4caf-8da6-b00b78bb34d7",
 "clientSecret": "$(env:MS_IDP_CLIENT_SECRET)",
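Review bot: The `idp-auto-link` execution in the new `auto-link-first-broker-login` flow attaches a brokered identity to whatever existing user `idp-create-user-if-unique` finds as a duplicate, with no confirmation, email-verification or re-authentication step in between. Keycloak's documentation cautions against this authenticator unless account emails and usernames are centrally assigned and cannot be self-registered. If that holds for the `forte` realm, record the assumption in the flow itself, e.g. `"description": "Auto-link IdP accounts to existing users by email; assumes emails are centrally assigned and verified"`. Otherwise, replace the second execution with a sub-flow that runs `idp-confirm-link` followed by `idp-email-verification`. The two later hunks point both identity providers at this flow, so the same concern applies there.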
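Review bot: With `"trustEmail": true` left in place on this provider, and on the second provider in the next hunk, the email asserted by Entra alone decides which local account is linked once `firstBrokerLoginFlowAlias` switches to `auto-link-first-broker-login`. Whether the `microsoft` provider is restricted to a single tenant is not visible here, because the `config` object continues past the end of both hunks. Confirm that sign-in is limited to the organisation's own tenant before this flow is relied on, and note the result in the values file, for example a YAML comment above `microsoft-idp.json` such as `# auto-link flow requires a single-tenant Entra app; see config below`.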