Keycloak IDP + PicketLink LDAP identity importation issue


I have an application configured with PicketLink and Gatein + LDAP (without massive import + import on user login enabled). I have also configured Keycloak with LDAP and user importation works fine. However, when I authenticate with an imported user using Keycloak , it redirects to my application and my application shows 403 error message and there is no profile importation. Is that need more configuration (handlers) in order to enable Profile Importation From LDAP via Gatein-portal ?