Hello,
I have encountered an issue while attempting to link roles from Keycloak to groups in XWiki using the “OpenID Authentication with Keycloak” extension. The authentication confirmation is working successfully. However, despite my efforts, I have been unable to establish a connection between roles in Keycloak and groups in XWiki.
In Keycloak, I have created the following groups: “bmnwikireader” and “bmnwikiwriter”. I would like these groups to automatically correspond to the groups in XWiki with the same names.
I have reviewed the settings of the “OpenID Authentication with Keycloak” extension in XWiki, specifically the parameters:
#oidc.groups.claim=groups
#oidc.groups.mapping=bmnwikireader=bmnwikireader
#oidc.groups.mapping=bmnwikiwriter=bmnwikiwriter
my example token
"groups": ["bmnwikireader", "bmnwikiwriter"],
"scope": "openid email profile",
"email_verified": false
However, despite the provided settings, the groups from Keycloak are not being linked to the groups in XWiki.
Could you please advise me on how to successfully configure this integration? I would greatly appreciate detailed explanations of the steps or corrections to the settings in order to achieve the desired result.
Best regards, Alex