[keycloak-user] [Keycloak][Get identity provides roles]
Bill Burke
bburke at redhat.com
Fri Feb 24 10:55:41 EST 2017
You mean you are doing identity brokering with a parent keycloak
instance? Look at Mappers. There are "Claim to Role" and "External
Role To Role" mappers. The tooltips will explain what they do. What
you have to do is map claims from the external IDP into user attributes
and role mappings for the user imported into your Keycloak instance.
Then you map from the common user model to the token claims you want
generated for your application. Hope that makes sense.
On 2/24/17 10:36 AM, Salvatore Incandela wrote:
> Hi guys, I've done several tries but I'm still having the same question: is
> possible to populate user roles given by an identity provider (another
> keycloak instance) getting those from the json claim?
>
> On Thu, Feb 23, 2017 at 5:56 PM, Salvatore Incandela <
> salvatore.incandela at redhat.com> wrote:
>
>> Hi guys, is possible to populate user roles given by an identity provider
>> (another keycloak instance) getting those from the json claim?
>>
>> --
>> Salvatore Incandela
>> Middleware Consultant
>> ------------------------------
>> Red Hat - www.redhat.com
>> Via Andrea Doria 41M
>> 00192 Roma (Italy)
>> Mobile +39 349 6196615 <+39%20349%20619%206615>
>> Fax +39 06 39728535 <+39%2006%203972%208535>
>> E-mail salvatore.incandela at redhat.com
>>
>
>
More information about the keycloak-user
mailing list