mirror of
https://github.com/plankanban/planka.git
synced 2026-07-16 05:53:57 +03:00
OIDC admin problem with keycloak #521
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @atalatable on GitHub (Jun 10, 2024).
Hello,
I have Planka running with docker compose and a keycloak for sso.
I can successfully connect with my account but, even though I have the "admin" role, I am not identified as an admin.
I made sure I have those options:
Any ideas where that could come from ?
Thanks !
@meltyshev commented on GitHub (Jun 12, 2024):
Hi! I honestly have no idea what this problem could be related to... Maybe the role attributes are being passed in some other form or not passed at all. I'll add a "help wanted" label, maybe someone has already encountered this.
@zloveless commented on GitHub (Jun 13, 2024):
I'd suggest checking your access token to see if the 'admin' role is included in your groups claim. You might also check if keycloak is mapping a 'groups' claim for your client app. I used to use keycloak (now I use authentik), and you have to map properties in the client app role settings.
@atalatable commented on GitHub (Jun 18, 2024):
Hello, thanks for your help, it was indeed a problem with the role mapping in keycloak 😅
@WirtsLegs commented on GitHub (Jan 11, 2025):
Could you elaborate a bit on how you solved this? I'm fighting with this issue now, and its really not clear if its looking for client roles in keycloak or groups so I'm a bit confused on how to map this.
I've tried what most apps want which is basing off realm groups (where i have a admin group) then adding a mapper to the client which maps groups to the realm groups but planka doesn't seem to like that.