How to add 'memberOf' attribute to SAML response

psn · April 3, 2024, 2:29pm

Hello community members,

Is there any way we can add the ‘memberOf’ attribute to the SAML response? Users are federated from LDAP server (read-only) mode to the Keycloak server.

Any help on this is much appreciated.

Thank you.

iilr · March 12, 2025, 2:29pm

Hello! Did u find a solution for this? I have the same question

dteleguin · April 16, 2025, 8:40pm

This requires two steps:

Go to LDAP Settings → Mappers tab, create a mapper of type user-attribute-ldap-mapper, map the memberOf LDAP attribute to a User Model Attribute of your choice;
Go to your SAML client configuration, add a mapper (by configuration) of type User Attribute, then map the user attribute to SAML attribute.

Depending on you Keycloak version, you might need to define the custom attribute in Realm settings → User Profile.

Topic		Replies	Views
Map groups from SAML IDP into Keycloak saml	2	8464	November 24, 2021
SAML Attribute to Group Mapper Extending the server saml	0	708	January 28, 2022
Keycloak attributes Configuring the server ldap , saml	1	699	May 18, 2022
Send Attributes of Alternate User In SAML Response? Extending the server authentication , saml	0	292	February 28, 2023
LDAP federation mapper: memberOf	1	401	October 5, 2021

How to add 'memberOf' attribute to SAML response

Related topics