Hi, We have defined a set of fine-grain roles to secure endpoints on a backend application. We wanted to assign different set of roles to users. To avoid having to assign roles one-by-one to each user we have created groups and we have mapped roles to them (groups will work as profiles here) . Then we have assigned users to groups. This worked well. Now we want to create this setup in a LDAP and configure user federation. We can map LDAP roles to keycloak roles and LDAP groups to keycloak groups. We also even import group users to keycloak. But we don´t know how to transfer LDAP group-roles to keycloak group role-mappings. We haven´t found a mapper for this. Is there any way to do it? Thanks in advance, *Álvaro Martín García*[image: bluetab.net] <http://www.bluetab.net/> alvaro.martin(a)bluetab.net +34 91 457 16 97 +34 687 398 622t