Hi,
Role R
Role R has attribute A
User U has role R
I thought that this user U has now set attribute A. Isn’t this automatically the case? Or is this something missing for SAML, which I use in keycloak.
Thank you in advance.
did you ever find a solution to this?
In Keycloak, when a user is assigned a role (such as Role R) that has an associated attribute (such as attribute A), the attribute is not automatically set for the user. This is because attributes associated with roles in Keycloak are not automatically propagated to users who are assigned those roles.
If you want the attribute A to be set for User U when they are assigned Role R, you would need to explicitly set the attribute for that user. This can be done manually through the Keycloak admin console or programmatically using the Keycloak Admin REST API.
Can be achieved using group level attributes. I believe users inherit attributes of the groups they are part of.