OpenBankProject · simonredfern · Nov 19, 2025 · Nov 18, 2025 · Nov 18, 2025
diff --git a/obp-api/src/main/scala/code/api/OAuth2.scala b/obp-api/src/main/scala/code/api/OAuth2.scala
@@ -402,7 +402,7 @@ object OAuth2Login extends RestHelper with MdcLoggable {
         case Right(fedRef) => // Users log on via Keycloak, which uses User Federation to access the external OBP database.
           logger.debug(s"External ID = ${fedRef.externalId}")
           logger.debug(s"Storage Provider ID = ${fedRef.storageProviderId}")
-          Users.users.vend.getUserByResourceUserId(fedRef.externalId)
+          Users.users.vend.getUserByUserId(fedRef.externalId.toString)
         case Left(error) =>
           logger.debug(s"Parse error: $error")
           Users.users.vend.getUserByProviderId(provider = provider, idGivenByProvider = uniqueIdGivenByProvider).or { // Find a user

diff --git a/obp-api/src/main/scala/code/api/util/KeycloakFederatedUserReference.scala b/obp-api/src/main/scala/code/api/util/KeycloakFederatedUserReference.scala
@@ -4,15 +4,15 @@ import java.util.UUID
 import scala.util.Try
 
 final case class KeycloakFederatedUserReference(
-                                         prefix: Char,
-                                         storageProviderId: UUID,   // Keycloak component UUID
-                                         externalId: Long           // autoincrement PK in external DB
-                                       )
+                                                 prefix: Char,
+                                                 storageProviderId: UUID,   // Keycloak component UUID
+                                                 externalId: UUID           // unique user id in external DB
+                                               )
 
 object KeycloakFederatedUserReference {
   // Pattern: f:<storageProviderId>:<externalId>
   private val Pattern =
-    "^([A-Za-z]):([0-9a-fA-F-]{8}-[0-9a-fA-F-]{4}-[0-9a-fA-F-]{4}-[0-9a-fA-F-]{4}-[0-9a-fA-F-]{12}):(\\d+)$".r
+    "^([A-Za-z]):([0-9a-fA-F-]{8}-[0-9a-fA-F-]{4}-[0-9a-fA-F-]{4}-[0-9a-fA-F-]{4}-[0-9a-fA-F-]{12}):([0-9a-fA-F-]{8}-[0-9a-fA-F-]{4}-[0-9a-fA-F-]{4}-[0-9a-fA-F-]{4}-[0-9a-fA-F-]{12})$".r
 
   /** Safe parser */
   def parse(s: String): Either[String, KeycloakFederatedUserReference] =
@@ -21,7 +21,7 @@ object KeycloakFederatedUserReference {
         for {
           providerId <- Try(UUID.fromString(providerIdStr))
             .toEither.left.map(_ => s"Invalid storageProviderId: $providerIdStr")
-          externalId <- Try(externalIdStr.toLong)
+          externalId <- Try(UUID.fromString(externalIdStr))
             .toEither.left.map(_ => s"Invalid externalId: $externalIdStr")
         } yield KeycloakFederatedUserReference('f', providerId, externalId)