Access by external identity provider

Hi @All,


I want to use an external identity provider (Keycloak) to manage A&A for users without an Azure account. I'm aware that this could be achieved via Azure AD B2C, but unfortunately the higher-ups don't want that solution.


So is something like that possible at all?


My first draft would be something like

* create a managed identity for each right-set

* assign a Keycloak role to the given managed identity


How would one advance?




