defenseunicorns · chance-coleman · Apr 4, 2025 · Mar 28, 2025 · Mar 28, 2025 · Apr 2, 2025
@@ -71,6 +71,15 @@ kubectl create configmap keycloak-theme-overrides \
 
 For other changes beyond these images you will need to build a custom theme and identity-config image. Changes can be made to the [src/theme](https://github.com/defenseunicorns/uds-identity-config/tree/main/src/theme) directory. At this time only Account and Login themes are included, but email, admin, and welcome themes could be added as well.
 
+### Registration Form Fields
+
+Registration Form Fields, which by default are enabled, can be disabled to minimize the steps to register a new user. See [this section](https://uds.defenseunicorns.com/reference/uds-core/idam/customization/#templated-realm-values) for the example of disabling the registration form fields with the `themeCustomizations.settings.enableRegistrationFields` environment variable.
+
+When disabled, the following fields will not be present during registration:
+- Affiliation
+- Pay Grade
+- Unit, Organization or Company Name
+
 ### Testing Changes
 
 To test the `identity-config` theme changes, a local running Keycloak instance is required.
@@ -134,7 +143,6 @@ overrides:
                ACCESS_TOKEN_LIFESPAN: 600
                SSO_SESSION_LIFESPAN_TIMEOUT: 1200
                SSO_SESSION_MAX_LIFESPAN: 36000
-               DISABLE_REGISTRATION_FIELDS: true
             path: realmAuthFlows
             value:
                USERNAME_PASSWORD_AUTH_ENABLED: true
@@ -143,6 +151,9 @@ overrides:
                OTP_ENABLED: true
                WEBAUTHN_ENABLED: true
                X509_MFA_ENABLED: true
+            path: themeCustomizations.settings
+            value:
+               enableRegistrationFields: true
 ```
 
 > These environment variables can be found in the [realm.json](https://github.com/defenseunicorns/uds-identity-config/blob/main/src/realm.json).

@@ -53,7 +53,7 @@ fi
     echo "X509_LOGIN_ENABLED=${X509_LOGIN_ENABLED}"
     echo "USERNAME_PASSWORD_AUTH_ENABLED=${USERNAME_PASSWORD_AUTH_ENABLED}"
     echo "REGISTER_BUTTON_ENABLED=${REGISTER_BUTTON_ENABLED}"
-    echo "REALM_DISABLE_REGISTRATION_FIELDS=${REALM_DISABLE_REGISTRATION_FIELDS:-false}"
+    echo "ENABLE_REGISTRATION_FIELDS=${ENABLE_REGISTRATION_FIELDS:-true}"
     echo "WEBAUTHN_ENABLED=${WEBAUTHN_ENABLED}"
     echo "X509_MFA_ENABLED=${X509_MFA_ENABLED}"
 } >> /opt/keycloak/themes/theme/login/theme.properties

@@ -44,7 +44,7 @@
                         </#if>
                     </div>
                 </div>
-                <#if properties["REALM_DISABLE_REGISTRATION_FIELDS"] == "false">
+                <#if properties["ENABLE_REGISTRATION_FIELDS"] == "true">
                     <div class="row">
                         <div class="col-lg-6 form-group ${messagesPerField.printIfExists('affiliation','has-error')}">
                             <label for="affiliation" class="form-label">Affiliation</label>
@@ -254,7 +254,7 @@
         </#if>
     </@layout.registrationLayout>
     <script>
-    if('${properties["REALM_DISABLE_REGISTRATION_FIELDS"]}' == "false") {
+    if('${properties["ENABLE_REGISTRATION_FIELDS"]}' == "true") {
         document.getElementById('affiliation').value = "${(register.formData['affiliation']!'')}";
         document.getElementById('rank').value = "${(register.formData['rank']!'')}";
     }