12/05/2022 04:40 AM
We have a use case:
Write a CUSTOMPROPERTY value in Keycloak account based on the role membership of the identity, e.g. Because user x is member of role y, the customproperty6 in Active Directory gets value z.
What would be the best way to configure this?
12/05/2022 04:43 AM
considering both are different apps/ connector. You can create request rule to create update account tasks for ad or actionable report.
you can show value on request form or you can store mapping value on role customproperty
12/05/2022 04:56 AM
Sorry, there is a mistake in the use case. It would be in Active Directory, so if a user gets role x, the account in Active Directory should get value y in CUSTOMPROPERTY 6.
But how can we do this only when user gets role x? I don't see an option to get roles of a user in the rules.
12/05/2022 05:14 AM
Does Role is single select ?
You can show role Customproperty as dynamic attribute and use in connector.
In AD which property are you trying to update & when create& update?