Create User
The following applies to the "Embedded" user management.
Users are created in the SABIO Client. The "Add user" button takes you to the creation screen. Here the personal attributes required for authorization in SABIO as well as the login name can be assigned.
When saving, the entered data is automatically synchronized between Keycloak and SABIO.
After saving sucessfully, the user can be found and edited in SABIO. The same applies to Keycloak.
Attention: The user does not have a password at this moment. The user can create his own password using the "Forgot password" function.
When creating a user, the UI language must also be specified. This language will also be transmitted to Keycloak and serves as default language for this user.
If the selected language is not available in Keycloak, English will be set automatically.
The user is not bound to this language in SABIO and can change it later. This language is no longer synchronized with SABIO for subsequent logons.
Keycloak uses the transmitted language for communication e-mails, e.g. "Forgot password".
Possible Error Cases
Duplicate login name
If the specified login name already exists in SABIO or Keycloak, the user cannot be created. The login name is used for the unambiguous assignment between SABIO and Keycloak, therefore duplicate entries are not permitted here.
Duplicate E-Mail Address
If the specified e-mail address already exists in SABIO or Keycloak, the user cannot be created. The e-mail address is used in SABIO as an external notification option if the respective user has to react in SABIO (e.g. expired content). In Keycloak the "Reset password" function works via e-mail. Since this is relevant to security, the e-mail addresses must be assigned unambiguously here.
Keycloak not reachable or Realm not available in Keycloak
In these two cases, users cannot be created.