From 2885730582e168fb073656d863e7d5b78e8d15a6 Mon Sep 17 00:00:00 2001
From: Kristian Klausen <kristian@klausen.dk>
Date: Sat, 17 Jun 2023 19:27:10 +0200
Subject: [PATCH] tf-stage2: Make specifying a last name optional

We have a few staff and users who prefer using a alias/mononym, so let's
make it optional.

Since our custom Keycloak theme does not use v3[1][2] of the account
console yet, it is not aware that the last name is optional, so
unfortunately the user cannot change "personal info" in the account
console without also specifying the last name. This only affects the
account console, the initial user configuration can be done without
specifying a last name.

[1] https://gitlab.archlinux.org/archlinux/keycloak-archlinux-theme/-/blob/238889fb36d512f0baa328fad00531ef53c14c1f/lib/src/main/resources/theme/archlinux/account/theme.properties#L1
[2] https://www.keycloak.org/2023/04/keycloak-2110-released#_experimental_account_console_version_3
---
 tf-stage2/keycloak.tf | 2 --
 1 file changed, 2 deletions(-)

diff --git a/tf-stage2/keycloak.tf b/tf-stage2/keycloak.tf
index f930c3c5d..25990285b 100644
--- a/tf-stage2/keycloak.tf
+++ b/tf-stage2/keycloak.tf
@@ -213,8 +213,6 @@ resource "keycloak_realm_user_profile" "archlinux" {
     name         = "lastName"
     display_name = "$${lastName}"
 
-    required_for_roles = ["user"]
-
     permissions {
       view = ["admin", "user"]
       edit = ["admin", "user"]
-- 
GitLab