Identifying users by source and source-id

It is possible to have users in CUE Content Store identified by a unique source and source-id from the IAM system instead of a username. This makes it possible to change a user's username (login name), for example if the person changes name in real life, while still being the same person in CUE Content Store.

By default, CUE User Manager will generate source and source-id based on the name of the IAM provider and the subject identifier included in the id token returned from the IAM.

The source and source-id will be included in the JSON response from the https://um.example.com/user/me webservice like so: 

{
  ..
  "source": "keycloak",
  "sourceId": "00u12efkyrMnlKKlL5d7"
  ..
}

It is possible to override the default values by extending the OIDC client configuration in the IAM backend to include a source and source-id in custom OIDC claims. The claims must be named source and source_id, and they must be included in the OIDC UserInfo endpoint.

Copyright © 2019-2022 Stibo DX A/S