[keycloak-dev] Identity Provider Claim to Role Mapper new features

EXTERNAL Weimer Benjamin (TNG, INST-CSS/BSV-OS2) external.Benjamin.Weimer at bosch-si.com
Wed Sep 11 03:20:44 EDT 2019


Hi,

I would like to contribute features to the Identity Provider Claim to Role Mapper.


1.)    Regex support for claim values: My suggestion for this feature is to introduce a new checkbox in the Claim to Role Mapper to turn regex support for claim value on or off. By default the regex box is unchecked, so currently existing mappers won't change.

2.)    Support for multiple claims: Instead of providing one claim and one claim value the idea is to provide a map of claim -> claim value. The role will be assigned when all provided claims match the token. Is it okay to change the existing Claim to Role Mapper for this feature or should I rather introduce a new mapper for this, e. g. Multiple Claim to Role Mapper?

What are your thought on that? Do these two features have a chance to be contributed?

Best regards

Benjamin Weimer
INST-CSS/BSV-OS2

Tel. +49 30 726112-0



More information about the keycloak-dev mailing list