Hi, I am trying to integrate keycloak into a product and I was wondering if there is any standard way to import groups from an IDP like okta directly into keycloak. Something like the LDAP group mapper. The current solution I have is to attach a group attribute to the SAML assertion and create a mapper in keycloak. Then check and create groups if necessary during first login of the user. This is not a good solution. Is there some other way?
When you say a mapper in keycloak are you creating a keycloak group in the end or a role?