You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For IDIR accounts without an email, the email attribute shows as an empty string instead of null on keycloak. This only appears in production, not dev or test environments.
BCeID issue:
some old BCeID accounts that do not contain an email attri
BCeID accounts (which is registered with an email address) that show up on KeyCloak without email attri
Check with your user first to confirm the IDIR/BCeID account has an email in the profile
IDIR: ask user to either call 77000, or login to summer.gov.bc.ca, if Outlook could successfully load, then you could confirm user has email
We are still working with IDIM team to fix the IDIR inconsistency.
We need more information to start the BCeID debugging with IDIM.
If you can confirm user account has email but not populated in KeyCloak, please provide details in this ticket. If possible, please ask the specific users to capture the saml payload during log on. Detailed information is very helpful.
Thank you!
April 2020
We've done a quick debugging. There is no email attribute populated even on BCeID realm level so there's nothing to be passed to the application realm. Further debugging will need IDIM team's collaboration.
However, as a temporary fix, ould use the first broker login flow to enable user profile review. So that empty fields could be filled by users manually.
September 2021
This issue is on-going:
We're still seeing occasional IDIRs with no email associated (this is an ADMS/IMS issue)
Personal BCeIDs do not receive the email as an attribute (known limitation at IDIM)
We have not observed the issue with Basic or Business BCeIDs since the issues reported above
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Background:
IDIR issue:
nullon keycloak. This only appears in production, not dev or test environments.BCeID issue:
Check with your user first to confirm the IDIR/BCeID account has an email in the profile
Solutions? Status? Help needed!
Thank you!
April 2020
We've done a quick debugging. There is no email attribute populated even on BCeID realm level so there's nothing to be passed to the application realm. Further debugging will need IDIM team's collaboration.
However, as a temporary fix, ould use the
first broker loginflow to enable user profile review. So that empty fields could be filled by users manually.September 2021
This issue is on-going:
We're still seeing occasional IDIRs with no email associated (this is an ADMS/IMS issue)
Personal BCeIDs do not receive the email as an attribute (known limitation at IDIM)
We have not observed the issue with Basic or Business BCeIDs since the issues reported above
Beta Was this translation helpful? Give feedback.
All reactions