authenticatorConfig is ignored

[MBA-aix]

Current Behavior

I manually configured keycloak, including the setting in this screen

which is important for my stuff to work. Then I exported the config via kc.sh export and got the config file in JSON format. This file contains the following section, where I assume the above screen is stored

  "authenticatorConfig": [
    {
      "alias": "keycloak-us-oidc",
      "config": {
        "defaultProvider": "keycloak-us-oidc"
      },
      "id": "d863d33c-de7a-4649-a005-54d6b424f664"
    }
  ],

but when this configuration is applied during the next deployment, somehow that configuration seems to be missing.

Expected Behavior

I expect the exported authenticatorConfig configuration applied again to lead to the exact same resulting configuration (in the UI) again.

Steps To Reproduce

No response

Environment

• Keycloak Version: docker.io/bitnami/keycloak:24.0.4-debian-12-r1
• keycloak-config-cli Version: docker.io/bitnami/keycloak-config-cli:5.12.0-debian-12-r5
• Java Version: OpenJDK Runtime Environment Temurin-21.0.3+9 (build 21.0.3+9-LTS) (as of the config-cli image)

Anything else?

No response

[jonasvoelcker]

Hi @MBA-aix,

the tool works without IDs, you just have to put the alias (keycloak-us-oidc) into the field authenticatorFlow.

Please let us know if that worked.

Best Regards Jonas

[MBA-aix]

Hi @jonasvoelcker,

first and foremost, that did the trick! I removed the id fields and everything works as expected.

Just one more question: Is your statement about IDs universal, i.e. there should not be any such "id": "<uuid>" properties in the config export or is this only true for the authenticatorConfig part?

Thanks in advance!

[jonasvoelcker]

Hey @MBA-aix,

whereever references are used (e.g. authFlowOverrides) it uses the names instead of the IDs as they are generated by Keycloak and they are not equal through the different stages.

You can easily delete every id-row in your export, you just need to reference without the IDs though.