Details
-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
None
-
None
-
Unknown
-
Description
I am currently facing an issue while integrating XWiki with Keycloak using the OpenID Connect provider. The integration for actual user login is functioning correctly; however, I'm encountering a problem when attempting to utilize Keycloak groups to assign corresponding groups in XWiki.
Here's the relevant configuration I have set up:
... oidc.groups.claim=groups oidc.groups.mapping=Reader=bmnwikireader oidc.groups.mapping=Writer=bmnwikiwriter ...
I have already created the "Reader" and "Writer" groups within XWiki.
When I receive the token from the client created for the XWiki instance, the token's data includes the following:
"scope": "openid profile groups email", "groups": [ "bmnwikireader", ],
Despite following this configuration and providing the necessary group information, the mapping of groups from Keycloak to XWiki does not seem to work as expected. Users are still being added to the default "XWikiAllGroup" instead of being assigned to their respective groups.
I have spent a considerable amount of time adjusting the "groups" value and trying various configurations, but so far, I have not achieved the desired outcome.
I would greatly appreciate your assistance in resolving this issue. If there are any additional steps or adjustments that I need to make to ensure the accurate mapping of groups from Keycloak to XWiki, please kindly provide guidance. Thank you for your attention to this matter. I look forward to your guidance and assistance in resolving this issue.