oidc keycloak connector - unable to map claims to role for connector #5843
-
Hi All, I am getting error "unable to map claims to role for connector" while using keycloak for oidc connection. I did check the groups and roles in the keycloak and everything seems fine Teleport image: quay.io/gravitational/teleport-ent:5.0 on Kubernetes RKE cluster INFO [AUDIT] user.login attributes:map[acr:1 at_hash:psFchHF4DrJGRtYttXdBAQ aud:oidc_client auth_time:1.614857615e+09 azp:oidc_client email:<user.name>@<domain.name> email_verified:false exp:1.614857915e+09 family_name:*** given_name:*** group:[offline_access, uma_authorization, _admin, user] iat:1.614857615e+09 iss:https://keycloak.<domain.name>/auth/realms/skypad jti:41d054a4-3801-41e0-b789-4ea14fc5fcc4 name:* preferred_username:<user.name> session_state:18b71d33-47c1-4539-83b4-07da7643b2ef sub:76642bfb-9244-462f-a0fc-366a1e840ee7 typ:ID] code:T1001W ei:0 error:unable to map claims to role for connector: oidc event:user.login message:unable to map claims to role for connector: oidc method:oidc success:false time:2021-03-04T11:33:35.157Z uid:e3ea4039-016f-4619-a3c9-064e688279f8 user: events/emitter.go:318 |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 7 replies
-
@pankajpandey9 what is your connector setting to map the group to teleport roles? |
Beta Was this translation helpful? Give feedback.
#5843 (reply in thread)