Adding users by email in gitlab that do not exist in Renku yet

[olevski]

This is what happened to someone from the academic team

They added people to their renku project via email. This was done through gitlab (as expected). But the people they added did not have renku accounts (they did not know of this). Then the people that were added tried to create renku accounts with the same emails that were used to add them to the project on gitlab. They could not create accounts because keycloak said the emails were already used. Also the users could not reset their passwords either - they tried but never received emails.

I fixed this by going into keycloak and sending them a password reset. But I also compared their realm roles and the realm role called offline-access was missing from these users but was present on all normal users.

We should:

1. Replicate this and understand why it happens
2. Fix it

[olevski]

So it seems that just by adding users like this the accounts were created in keycloak but these accounts were unusable and unrecoverable by the users. It required an admin to get into keycloak and fix things.