Keycloak Custom User Federation and Identity Provider Working Order

I have two custom authentication method on Keycloak.

One of them is custom implemented user federation. I configured it for X realm. System uses this implementation for login with username / password method. This implementation calls my federation service and it validates sent user. It works successfully and authenticates federated users.

Second one is an identity broking (openid connect). I configured a custom openid provider to Y realm. It works successfully and validates provider's users.

I configured both of them to same realm. When i try to use login with custom identity provider, authentication flow works correctly. In the end of flow, configured user federation (custom implemented user federation) triggers with username which comes from identity broking (custom identity provider) login process and it calls my federation service again.

When i try to login with identity providers, i do not want the user federation (custom implemented user federation) to work. It must work only when i try to login with username / password login.

How can i block working of user federation on this scenario?

Please share your experience. Thanks

Continue reading...