<html><head></head><body><div style="color:#000; background-color:#fff; font-family:garamond, new york, times, serif;font-size:14px"><div id="yui_3_16_0_1_1449738372653_3072">Hi, there ,</div><div id="yui_3_16_0_1_1449738372653_3072"><br></div><div id="yui_3_16_0_1_1449738372653_3072">Let me try to describe the case first. </div><div id="yui_3_16_0_1_1449738372653_3072"><br></div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr">We are using SAML 2.0 ID broker to authenticate the users. </div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr">From the returned assertions, we can only get the user's ID number. </div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr">So far as we know ,there will be thousands of users . In ID provider system,</div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr">there is no role concept ,so not possible to return us the Role claim. </div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr"><br></div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr">Now we want to assign roles to those users in keycloak . We made a rule .</div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr">For example, if the ID number is less than 100, we assign Role A to this user.</div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr">If ID number is between 101 and 1000, we assign Role B to it , and so on. </div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr"><br></div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr">Of course We can do this manually one by one in admin console. but for thousands of </div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr">users, it doesn't make much sense. </div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr"><br></div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr">We notice there is a Mapper button when configuring the ID provider, is there any way</div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr">to achieve our goal with that mechanism? </div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr"><br></div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr"><br></div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr">Thanks a lot.</div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr"><br></div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr">Mai</div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr"><br></div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr"><br></div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr"><br></div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr"><br></div><div id="yui_3_16_0_1_1449738372653_3072" dir="ltr"> </div></div></body></html>