It is possible to migrate user information from an internal authentication realm and to an SSO authentication realm.
In the conf.json configuration file, add the "overridesUserFromRealm" property in the chosen "realms" parameter of the "authentication" object as in the following example:
{
"ui": {
"authentication": {
"realms": [
{
"type": "internal",
"name": "our-users"
},
{
"type": "google",
"name": "google-auth",
"configuration": {
"key": "1234567890.apps.googleusercontent.com",
"secret": "jlhkjfyiu7-654GV-JG65ghf",
"overridesUserFromRealm": "our-users"
}
}
]
}
}
}
In this example, the "google-auth" realm will retrieve user information from the "our-users" realm the next time the user signs in. So, if the "our-users" database contains a profile with the "myname@gmail.com", and the authentication is configured as described above, when the user with the "myname@gmail.com" account signs in for the first time through the Google SSO authentication realm, all previous data from the internal realm will be reassociated to this newly created "google-auth" profile.
Once migration is complete, the internal account is removed and can no longer be used.
If the internal realm is still active, a user can still create an account with a new email address.