A Keycloak Identity Provider mapper that automatically generates usernames from email addresses during user federation/import.
This mapper is designed to work with Keycloak's OIDC identity providers. When a user logs in through an OIDC provider (like Google, Microsoft, etc.), it takes their email address and creates a unique username by:
- Taking the local part of the email (before the @)
- Appending a 4-character random hex string
For example:
- Email:
[email protected]
- Generated username:
john.doe1a2b
- Compatible with Keycloak OIDC and Keycloak OIDC Identity Providers
- Automatic username generation from email addresses
- Supports all Identity Provider sync modes
- No configuration required
- Prevents username conflicts with random suffix
- Java 21
- Keycloak 26.0.6 or later
- Gradle (included wrapper)
-
Build the JAR file:
./gradlew build shadowJar
-
Copy the generated JAR (
build/libs/email2username-mapper-1.0-SNAPSHOT.jar
) to Keycloak's providers directory:cp build/libs/email2username-mapper-1.0-SNAPSHOT.jar /path/to/keycloak/providers/
-
Restart Keycloak to load the new provider
- In Keycloak admin console, go to your realm's Identity Providers section
- Select or create an OIDC-based Identity Provider
- In the Identity Provider's configuration, go to the "Mappers" tab
- Click "Add Mapper" and select "Email to Username" from the mapper type dropdown
- Save the mapper configuration
The mapper will now automatically generate usernames for new users logging in through this Identity Provider.
git clone https://github.com/yourusername/email2username-mapper.git
cd email2username-mapper
./gradlew build
Contributions are welcome! Please feel free to submit a Pull Request.