[keycloak-dev] A newly added Hardcoded Role mapper ignores users that have already logged in before
EXTERNAL Thiele Frank (TNG, INST-CSS/BSV-OS2)
external.Frank.Thiele at bosch-si.com
Thu Sep 19 07:14:33 EDT 2019
Hello,
In our project, we use the "Hardcoded role" mapper within a configured Identity Provider (also a Keycloak instance, in our case the same but a different realm) to describe that each user logging in via Keycloak shall be given a certain role.
This works perfectly if the mapper is configured before the first login of the user. The configured role is granted to the (cloned) user when he logs in the first time via Keycloak.
But when another "Hardcoded role" mapper is added to configure another role, then the user is not given the other role when he logs in. Only new users logging in the first time get both roles assigned.
Is this on purpose or a bug?
Mit freundlichen Grüßen / Best regards
Frank Thiele
Open Source Services 2 - Product Group Customer Success Services (INST-CSS/BSV-OS2) Bosch Software Innovations GmbH | Ullsteinstr. 128 | 12109 Berlin | GERMANY | www.bosch-si.com<http://www.bosch-si.com<http://www.bosch-si.com%3chttp:/www.bosch-si.com>>
external.Frank.Thiele at bosch-si.com<mailto:external.Frank.Thiele at bosch-si.com<mailto:external.Frank.Thiele at bosch-si.com%3cmailto:external.Frank.Thiele at bosch-si.com>>
Sitz: Berlin, Registergericht: Amtsgericht Charlottenburg; HRB 148411 B
Aufsichtsratsvorsitzender: Dr.-Ing. Thorsten Lücke; Geschäftsführung: Dr. Stefan Ferber, Michael Hahn, Dr. Aleksandar Mitrovic
More information about the keycloak-dev
mailing list