I'm trying to update email of federated user via admin console for testing purposes, but it turns out it is not that simple to do that. Email
field of the user is just disabled in UI and nothing enables it.
I tried lots of stuff here and there:
Edit username
property of the realmWho can edit?
and Who can view?
permissions in Realm settings > User profile > Edit attribute
tabBut no luck with any of those configurations.
Can anyone please point me on what I am missing?
It turns out (at least in keycloak 25) that to make it possible to create new users and update existing ones you need to switch your LDAP user federation Edit mode
to UNSYNCED
.
More info can be found in keycloak github