Support for user First Name, and Last Name

[cvarjao]

It was initially decide that since we wouldn't populate user's last name:

• We can't get last name from BCeID in the SAML response
• We wanted to avoid apps mistakenly using keycloak first name and last name as legal name
• Applications would only need to know user display name as an information on who is currently logged on.

There has been ongoing requests for proper retrieving user's first name and last name

[arcshiftsolutions]

I've reached out to IDIM with the following:

Hello IDIM technical team,

We have an issue related to the SAML payload provided in the BCDevExchange Keycloak instance:

• The BCeID last name attribute seems to only be available when a user logs in with a Business BCeID • In the Basic case, the SAML payload does not have the last name attribute • However, the user’s last name is visible in the display name field • This issue has been confirmed in the DEV & TEST Keycloak environments • We have not confirmed Personal BCeIDs but ideally the last name would also be available in that case as well

Can you please advise if it’s possible to return the last name attribute in the Basic BCeID SAML payload? Several teams have expressed desire to use this attribute.

Thanks!

[ShellyXueHan]

@arcshiftsolutions any update on this request?

[arcshiftsolutions]

Hi @ShellyXueHan - I believe it's a policy issue at this time. Nick Mailhot may have more info.

[ShellyXueHan]

Update: Result from BCeID team discussion: first name and last name in BCeID are not legal names, team should be using display name for user information when needed.