[keycloak-user] Set client roles to registered users automatically once synced from source LDAP/DB

valsaraj pv valsarajpv at gmail.com
Thu May 17 13:12:17 EDT 2018


Hi,

Here is the scenario:
A Java web application client registers users to a local LDAP/DB and sets roles.
These users are periodically synced to Keycloak. Roles are also synced once,
as they do not change often.
So when a user is registered in the local LDAP via the application, they are
also reflected in Keycloak, but they can't access the web application after
login via Keycloak.
The new users can access it only after setting client roles manually.
What is the best option to automate this? Is there any API to set client
roles?
If available, we can't write code to set the role in the registration method,
since the users will be synced to Keycloak only on the next sync. Then the
option is a delayed call which first ensures that the user has reached the
Keycloak DB and then sets the role.
Please share your thoughts!

Thanks!

