Hi Bill - Yes, I am using custom federation adapter and could authenticate users successfully. Will try out your suggestions. Thanks.

One observation though in the 1.1 Beta1 version- Based on debugging comments, it appears that for each authentication attempt, the below methods in Federation Provider are called multiple times (10 or 12 times)

1) proxy

2) isValid

3) getInstance (in Federation Factory)

Thanks once again.

Raghu

From: Bill Burke <bburke@redhat.com>
To: keycloak-user@lists.jboss.org
Sent: Friday, November 7, 2014 9:22 PM
Subject: Re: [keycloak-user] Api for adding roles to users

Are you writing a custom federation adapter? Two options:

* Define default roles within the admin console. When your user is
imported into a UserModel, the default roles will be added
* Extract role mappings from your external store, and populate the user
model with them when you import the user into the keycloak database.

On 11/7/2014 4:46 PM, Raghuram wrote:
> How do we add users to the default roles? I am using the key cloak federation api to do custom authentication for a realm. Noticed that the users are not able to login to the application after being authenticated unless roles are added manually to them. Wondering if the roles can be added within the federation provider code after authenticating the users?
>
> Sent from my iPhone

> _______________________________________________
> keycloak-user mailing list
> keycloak-user@lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>

--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user