Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-13751

Identity provider - first time login user gives error: Invalid user name or password

    Details

    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      I configured a SAML identity provider on keycloak, and its working on all users except for one user although the same setup is done on all users on the active directory.

      When I attempt to login with this user for the first time, It's redirected to the Update Account Profile form and I am having the following stack trace:

      [0m[33m10:07:31,910 WARN [org.keycloak.events] (default task-45) type=IDENTITY_PROVIDER_FIRST_LOGIN_ERROR, realmId=a8e87e21-84cc-4e4a-b83f-f3ce27d48482, clientId=XXXXX, userId=null, ipAddress=xx.xx.xxx.xxx, error=invalid_user_credentials, identity_provider='IDENTITY PROVIDER NAME', auth_method=openid-connect, redirect_uri=https://domain.d.com/, identity_provider_identity=username@domain, code_id=fa581401-281f-4cf0-8fae-b3d2488d2917, authSessionParentId=fa581401-281f-4cf0-8fae-b3d2488d2917, authSessionTabId=RAiSGiReyUE
      [0m[33m10:07:51,441 WARN [org.keycloak.services] (default task-45) KC-SERVICES0013: Failed authentication: org.keycloak.authentication.AuthenticationFlowException
      at org.keycloak.keycloak-services@8.0.1//org.keycloak.authentication.AuthenticationProcessor.authenticateOnly(AuthenticationProcessor.java:1001)
      at org.keycloak.keycloak-services@8.0.1//org.keycloak.services.resources.LoginActionsService$1.authenticateOnly(LoginActionsService.java:769)
      at org.keycloak.keycloak-services@8.0.1//org.keycloak.authentication.AuthenticationProcessor.authenticate(AuthenticationProcessor.java:860)
      at org.keycloak.keycloak-services@8.0.1//org.keycloak.services.resources.LoginActionsService.processFlow(LoginActionsService.java:296)
      at org.keycloak.keycloak-services@8.0.1//org.keycloak.services.resources.LoginActionsService.brokerLoginFlow(LoginActionsService.java:799)
      at org.keycloak.keycloak-services@8.0.1//org.keycloak.services.resources.LoginActionsService.firstBrokerLoginGet(LoginActionsService.java:694)
      at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      6:07

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                hmlnarik Hynek Mlnařík
                Reporter:
                hibahaddad Hiba Haddad
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: