I do not want to auto-create users in nextcloud after they login using SSO. I just want to allow existing Nextcloud users to login via SSO using OpenID connect protocol.
Users in Keycloak and Nextcloud have the same login name and email. I also want to solve permissions and user groups in Nextcloud, not map it from Keycloak.
In social login app I have checked “Disable auto create new users”.
After I try to login using keycloak, I got following error: “Auto creating new users is disabled” and login fails. But user with the same login name exists in Nextcloud and Keycloak.
I need to keep the possibility of logging in with the local Nexcloud account without using SSO.
What I do bad?
Is it necessary to set Mappers in Keycloak client? But how? I tried everything possible, but still without success.
I think I need to set up login and email mapping.
That (linking keycloak users to existing NC users - manually, if necessary) is something I was looking for and came across this thread. And I am very happy to find that this works.
But how?
I have an existing NC user account. And I have created a new user by logging in via Keycloak. When I am in my existing NC account and go to Social Login settings, I only see the option to “Disable password confirmation on settings change” but I don’t see any option to link the Keycloak created account. Where do I find this or how do I do that?
I don’t use sociallogin app because of this restriction - so can’t explain you how it works… But there is no way to merge an existing NC user with another user auto-created by OIDC. You need to remove the KC user, disable user auto-creation and link you OIDC login after logging in as NC user…
Okay, so there is this check box in admin settings of sociallogin to “allow users to link social accounts” (or something to that effect). After checking this box, I started seeing the option to link to an external account in the user’s settings. Linking was no problem at all and external authentication is now working (for the users that have linked out).