Keycloak claim mapper

Hello.

I’m trying to integrate Keycloak with MinIO. Keycloak is v20.0.1 and it’s probably OK, since integration with a bunch of other products works well.
For MinIO I need to configure a claim which provides group info, and this group should map to existing MinIO groups.
In Keycloak I’ve created a client and added groups to the client scopes.
I created a group consoleAdmin which is exactly the same as in MinIO.
I created a mapper consoleAdmin of the Group membership type, which creates a Token Claim Name for the client.
Almost everything is as per the manual, taking into account that the manual is for quite an old version.

Now every time I try to log in with SSO, MinIO complains about the policy name:
None of the given policies (/consoleAdmin) are defined, credentials will not be generated

This means that for some reason it receives group information with the / in front of the group name. Can I fix this somehow on the Keycloak side? Or is this a MinIO application issue, and it is not compatible with the current Keycloak realization? I don’t think this is a MinIO issue, since it should be just a standard OpenID thingy…

Any advice on how I can configure this properly?
Thanks in advance!

When you add the mapper, are you adding “From predefined mappers” or “By configuration”? If you select “By configuration” and select “Group Mapper”, setting the “Full group path” to false should include the group name without the /.

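Added example, not part of either post above: a small Python check that decodes the payload of a token issued by Keycloak and lists claim values that do not exactly match a defined MinIO policy name, which is the mismatch behind the `/consoleAdmin` error. The claim name `policy`, the policy set and the two tokens are constructed assumptions; substitute the Token Claim Name configured on the mapper.

```python
import base64
import json


def jwt_payload(token: str) -> dict:
    """Decode a JWT payload for inspection only (the signature is NOT verified)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(seg))


def unmatched_policies(token: str, claim_name: str, defined: set) -> list:
    """Return claim values that match no defined policy name exactly."""
    value = jwt_payload(token).get(claim_name, [])
    if isinstance(value, str):  # tolerate a comma-separated string claim
        value = [v.strip() for v in value.split(",")]
    return [v for v in value if v not in defined]


def _sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token for this demonstration."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"


# Constructed samples: the same user with "Full group path" on and off.
# "policy" as the claim name is an assumption, not taken from the thread.
FULL_PATH_ON = _sample_token({"sub": "alice", "policy": ["/consoleAdmin"]})
FULL_PATH_OFF = _sample_token({"sub": "alice", "policy": ["consoleAdmin"]})
DEFINED = {"consoleAdmin"}  # policy names that exist on the MinIO side

if __name__ == "__main__":
    for label, tok in (("full path on", FULL_PATH_ON),
                       ("full path off", FULL_PATH_OFF)):
        print(f"{label}: unmatched = {unmatched_policies(tok, 'policy', DEFINED)}")
```
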