AWS SAML with Keycloak 24.0.2 - Roles

Hi All,

I guess I’m doing something wrong. I’m trying to use my Keycloak setup as IDP for AWS.
I’m trying to integrate via SAML.

I guess the basics are also OK, but I have an issue with the roles which are pushed to AWS, as it looks like roles from other clients are sent as well and not only the AWS role.

My users and groups are coming from an LDAP and the role is assigned to a group.

I can see that all my client roles are sent in the SAML response. For example, roles which are created for Nextcloud or others.

Is there a way to make sure that only the roles from that specific client are sent to AWS, as it looks like AWS is failing the login if there are other roles than their own?

Best regards
Timmi

Ah, I got it.
Had to deactivate the full scope on the dedicated client mapper.
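To verify that the fix above actually took effect, a defender can inspect the decoded SAML assertion and confirm that the AWS `Role` attribute carries only `role ARN,saml-provider ARN` pairs. The script below is an added example, not part of the thread or of Keycloak; the assertion it parses is constructed to reproduce the symptom (a Nextcloud role and `offline_access` leaking into the AWS attribute), and the account ID `123456789012` and role names are placeholders.

```python
import re
import xml.etree.ElementTree as ET
from typing import Dict, List

# Constructed sample assertion (not captured from a real IdP): the AWS Role
# attribute contains the expected role/provider pair plus two stray roles that
# Keycloak emits when "Full scope allowed" is still enabled on the client.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="https://aws.amazon.com/SAML/Attributes/Role">
      <saml:AttributeValue>arn:aws:iam::123456789012:role/KeycloakAdmin,arn:aws:iam::123456789012:saml-provider/Keycloak</saml:AttributeValue>
      <saml:AttributeValue>nextcloud-user</saml:AttributeValue>
      <saml:AttributeValue>offline_access</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="https://aws.amazon.com/SAML/Attributes/RoleSessionName">
      <saml:AttributeValue>timmi</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
AWS_ROLE_ATTR = "https://aws.amazon.com/SAML/Attributes/Role"
# AWS expects every Role value as "<role ARN>,<saml-provider ARN>"; both ARNs
# must belong to the same account, which the two capture groups let us compare.
ROLE_PAIR = re.compile(
    r"^arn:aws:iam::(\d{12}):role/[\w+=.@/-]+,"
    r"arn:aws:iam::(\d{12}):saml-provider/[\w._-]+$"
)


def role_values(assertion_xml: str) -> List[str]:
    """Return all AttributeValue texts of the AWS Role attribute, in order."""
    root = ET.fromstring(assertion_xml)
    values: List[str] = []
    for attr in root.iterfind(".//saml:Attribute", NS):
        if attr.get("Name") == AWS_ROLE_ATTR:
            for val in attr.iterfind("saml:AttributeValue", NS):
                values.append((val.text or "").strip())
    return values


def check_aws_roles(assertion_xml: str) -> Dict[str, List[str]]:
    """Split Role values into well-formed AWS pairs and stray (non-AWS) roles."""
    result: Dict[str, List[str]] = {"valid": [], "stray": []}
    for value in role_values(assertion_xml):
        match = ROLE_PAIR.match(value)
        if match and match.group(1) == match.group(2):
            result["valid"].append(value)
        else:
            result["stray"].append(value)  # anything here breaks the AWS login
    return result
```

An empty `stray` list after disabling full scope confirms that only the AWS client's role mapper contributes to the attribute.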