Hi,
I have KeyCloak 19.0.2 and I want to get (via REST API?) all users in a specific group (or all users including all of their roles).
The problem is, that endpoint /admin/realms/MyRealm/roles/MyRoleName/users doesn’t include users with inherited (composite) roles.
My goal is to:
- sync users from Active Directory (that are assigned in AD to different groups)
- assign those groups as roles (i.e. AD_Role1, AD_Role2, AD_Role3)
- assign users to “custom” roles (i.e. custom-role-1, custom-role-2)
My application should operate/validate custom roles. I need somehow to bind AD roles with custom roles (I can make it with composite roles). But one of the application requirements is to query for users from a specific role - I cannot get it to work.