Keycloak: How to hook into Google Identity Provider to add roles programmatically

1
votes

We use Keycloak with Google IDP to authenticate. When a user log in using Google, I want to hook into the flow to add some roles for that user session.

What should I do? I have tried creating to custom Authenticator but not sure this is the possible or best practice.

Please help! Thanks!

1
authenticationkeycloakidentity

1 Answers

1
votes

When a user log in using google, I want to hook into the flow to add some roles for that user session.

Not sure what you do mean by roles to the user session. However, if you mean add roles to the user yes you can do that out of the box for instance:

  • Go to your Realm;
  • Select Identity Providers;
  • Select you google IDP;
  • Switch to the tab Mappers;
  • Click on [Create]
  • Select as a Mapper Type : Hardcoded Role
  • Select the Role;
  • Click on [save].

enter image description here

Here is the list of Mapper Types available for the Google IDP:

enter image description here