1 Feb
2021
1 Feb
'21
7:14 p.m.
Hello, In order to implement identity federation, I've deployed (with OSA) keystone (Ussuri) as Service Provider and Keycloak as IDP. As one can read at [1], "groups" can have multiple values and each value must be separated by a ";" But, in the OpenID token sent by keycloak, groups are represented with a JSON list and keystone fails to parse it well (only the first group of the list is mapped). Have any of you already faced this problem ? Thanks ! Jean-François [1] https://docs.openstack.org/keystone/ussuri/admin/federation/mapping_combinat...