Groups Keyclaok on Gerrit

Hi Everybody.
I maked a configuration where gerrit if authentic in the Keycloak. A issue that I face is when I need to find a Group that there is in the Keycloak the Gerrit doesn’t find these.
I used this document for to do the authentication configuration.

Below follow the configuration SAML that indicate with the parameter “memberOfAttr” allows the Gerrit find the Keycloak Group’s.
gerrit.config

[gerrit]
        basePath = git
        canonicalWebUrl = http://10.0.15.18:8080
        serverId = f2c50cc7-6450-41ea-9d72-6ddc268cffe8
        installModule = com.googlesource.gerrit.plugins.saml.Module
[index]
        type = LUCENE
[auth]
        #type = DEVELOPMENT_BECOME_ANY_ACCOUNT
        type = HTTP
        loginUrl = http://10.0.15.18:8080/login
        logoutUrl = http://10.0.15.18:8080/
        httpHeader = X-SAML-UserName
        httpEmailHeader = X-SAML-EmailHeader
        httpExternalIdHeader = X-SAML-ExternalId
[sendemail]
        smtpServer = localhost
[sshd]
        listenAddress = *:29418
[httpd]
        listenUrl = http://*:8080/
        #filterClass = com.googlesource.gerrit.plugins.ootb.FirstTimeRedirect
        #firstTimeRedirectUrl = /login/%23%2F?account_id=1000000
        filterClass = com.googlesource.gerrit.plugins.saml.SamlWebFilter
[cache]
        directory = cache
[plugins]
        allowRemoteAdmin = true
[container]
        javaOptions = "-Dflogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance"
        javaOptions = "-Dflogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance"
        user = gerrit
        javaHome = /usr/lib/jvm/java-17-openjdk-17.0.11.0.9-2.el9.x86_64
        javaOptions = -Djava.security.egd=file:/dev/./urandom
        javaOptions = --add-opens java.base/java.net=ALL-UNNAMED
        javaOptions = --add-opens java.base/java.lang.invoke=ALL-UNNAMED
        javaOptions = -Djava.security.egd=file:/dev/./urandom
        javaOptions = --add-opens java.base/java.net=ALL-UNNAMED
        javaOptions = --add-opens java.base/java.lang.invoke=ALL-UNNAMED
[receive]
        enableSignedPush = false
[saml]
        serviceProviderEntityId = SAML2Client
        #identityProviderEntityId = SAML2Client
        #identityProviderEntityId =  http://10.0.33.110:8080/realms/master/protocol/saml/SAML2Client
        keystorePath = /var/gerrit/etc/samlKeystore.jks
        keystorePassword = pac4j-demo-password
        privateKeyPassword = pac4j-demo-password
        metadataPath = http://10.0.33.110:8080/realms/master/protocol/saml/descriptor
        userNameAttr = UserName
        displayNameAttr = DisplayName
        emailAddressAttr = EmailAddress
        computedDisplayName = true
        firstNameAttr = firstName
        lastNameAttr = lastName
        memberOfAttr = memberOf

In the Keyclaok I used a SAML Client, the configuration this client is in this realm configuration.

I configured the Mapper in the client,

I don’t know if the Gerrit can to get the groups of Keycloak.
In my test, the Gerrit can’t work pull the goups.

Please. Can who help me about this?