terraform-provider-keycloak
SAML Client RoleList mapper
Hi, can I request your help? I do not find the way to declare a "SAML Client RoleList mapper" through the provider.
I want to set up the following, like I may do through the GUI.
Name: roles
Mapper Type: Role list
Role attribute name: roles
Friendly Name: Roles
SAML Attribute NameFormat: Basic
Single Role Attribute: On
Thanks
This should help - https://github.com/mrparkers/terraform-provider-keycloak/issues/625
I use e.g.
```hcl
resource "keycloak_generic_protocol_mapper" "staff_aws_role" {
  for_each = {
    browser = keycloak_saml_client.aws.id
    cli     = keycloak_saml_client.aws_saml_cli.id
  }
  realm_id        = keycloak_realm.staff.id
  client_id       = each.value
  protocol        = "saml"
  protocol_mapper = "saml-role-list-mapper"
  name            = "Role"
  config = {
    "single"               = "true"
    "attribute.name"       = "https://aws.amazon.com/SAML/Attributes/Role"
    "attribute.nameformat" = "URI Reference"
  }
}
```
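The GUI settings listed in the question, expressed with the same generic mapper resource, as an added example that is not part of the thread. The realm and client resources, their labels and the entity ID are hypothetical; `friendly.name` is Keycloak's config key for the Friendly Name field.

```hcl
# Added example: all resource labels and the realm/client names are hypothetical.
resource "keycloak_realm" "example" {
  realm = "example"
}

resource "keycloak_saml_client" "example" {
  realm_id  = keycloak_realm.example.id
  client_id = "https://sp.example.test/saml/metadata" # constructed SP entity ID
  name      = "example-sp"
}

resource "keycloak_generic_protocol_mapper" "roles" {
  realm_id        = keycloak_realm.example.id
  client_id       = keycloak_saml_client.example.id
  protocol        = "saml"
  protocol_mapper = "saml-role-list-mapper" # GUI "Mapper Type: Role list"
  name            = "roles"                 # GUI "Name"

  config = {
    "attribute.name"       = "roles" # GUI "Role attribute name"
    "friendly.name"        = "Roles" # GUI "Friendly Name"
    "attribute.nameformat" = "Basic" # GUI "SAML Attribute NameFormat"
    # GUI "Single Role Attribute: On": every role is emitted as a value of one
    # <Attribute> element instead of one <Attribute> element per role.
    "single" = "true"
  }
}
```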