Hi everyone,
I would like to know if it’s possible to automatically assign Keycloak groups to roles for a specific client?
For example, I’ve imported groups from my LDAP in Keycloak with the following groups path:
- APPS
  - App1
    - Admin
    - User
(…)
- User
Then, I’ve mapped each group (Admin, User) to my SAML client “App1” in which I’ve created dedicated roles “Admin_Role” and “User_Role” which match the previous groups:
Admin_Role => APPS/App1/Admin
User_Role => APPS/App1/User
It works perfectly, but is it possible to automatically map Keycloak groups to a client with variables? Then, each time we create a new group in our LDAP for App1, Keycloak synchronises it and I don’t have to map it to my SAML client App1.
Thanks!
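One way to reconcile the mapping described in the post, as an added example that is not part of the original post and not Keycloak's own code: a planner that derives `<Group>_Role` from each group directly under the application's path and lists only the mappings still missing. It assumes the group tree has the shape of Keycloak's GroupRepresentation (`name`, `path`, `subGroups`, with paths starting with `/`); the `Auditor` and `Temp` groups and all sample data are constructed.

```python
# Added example: plan group -> client-role mappings from the naming convention
# in the post (APPS/App1/<Group> -> <Group>_Role). All sample data is constructed.

def walk(groups):
    """Yield every group in a Keycloak-style tree (dicts with name/path/subGroups)."""
    for g in groups:
        yield g
        yield from walk(g.get("subGroups", []))

def plan_mappings(groups, app_prefix, client_roles, current):
    """Return (to_add, skipped).

    groups       -- group tree as synchronised from LDAP
    app_prefix   -- e.g. "/APPS/App1"; only its direct children are considered
    client_roles -- role names that already exist on the client
    current      -- {group path: set of role names already mapped}
    """
    to_add, skipped = [], []
    for g in walk(groups):
        parent, _, leaf = g["path"].rpartition("/")
        if parent != app_prefix:
            continue  # another application's subtree, or a deeper level
        role = f"{leaf}_Role"
        if role not in client_roles:
            # A new LDAP group never gets a role nobody created on the client.
            skipped.append(g["path"])
        elif role not in current.get(g["path"], set()):
            to_add.append((g["path"], role))
    return sorted(to_add), sorted(skipped)

def _group(path, subs=()):
    return {"name": path.rsplit("/", 1)[-1], "path": path, "subGroups": list(subs)}

# Constructed sample: App1 gained "Auditor" and "Temp" after an LDAP sync.
SAMPLE_GROUPS = [_group("/APPS", [
    _group("/APPS/App1", [_group("/APPS/App1/Admin"), _group("/APPS/App1/User"),
                          _group("/APPS/App1/Auditor"), _group("/APPS/App1/Temp")]),
    _group("/APPS/App2", [_group("/APPS/App2/Admin")]),
])]
CLIENT_ROLES = {"Admin_Role", "User_Role", "Auditor_Role"}
CURRENT = {"/APPS/App1/Admin": {"Admin_Role"}, "/APPS/App1/User": {"User_Role"}}

if __name__ == "__main__":
    to_add, skipped = plan_mappings(SAMPLE_GROUPS, "/APPS/App1", CLIENT_ROLES, CURRENT)
    print("map:", to_add)
    print("no matching client role, left unmapped:", skipped)
```

Each pair in `to_add` would then be applied through the Admin REST API's group role-mapping endpoint (`POST /admin/realms/{realm}/groups/{group-id}/role-mappings/clients/{client-id}`), while `skipped` is worth reviewing by hand before any role is created.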