I successfully enabled login into Mobilizon using OpenID Connect with Keycloak as provider. In Keycloak I enabled as an additional claim the user roles. At the moment I don’t know how to tell Mobilizon to make use of that claim, yet, if it’s even possible at all. Does Mobilizon support that?
thanks for your response. First, I need to clarify my wording. I wrote of « group provisioning » but forgot that « groups » might have a different meaning in Mobilizon. These are not what I’m talking about!
Mobilizon knows of 3 different roles –user, mod and admin–, and I’d like for users I have in Keycloak to assign those roles in Keycloak and have Mobilizon pick them up on login. I could provide an additional claim in OIDC but I’d like to know if Mobilizon is able to make use of such a claim, and if so how to tell which claim to evaluate.
In my case I want to provide my users with different services, not only Mobilizon. Instead of assigning roles in each service I’d like to do this centrally in Keycloak.