Initial role creation via keycloak

mperestrelo · January 14, 2023, 1:09pm

I have setup keycloak v20.0.2 using corteza 2022.9.5. It’s working for logging in etc.
What is not working is assignment of initial role on account signup.

What I have done is create a workflow that assigns an initial role after signup (which works), but was wondering if the initial role could come from either the keycloak roles or groups. I have used the role scope in the scopes setup, but the initial role is not assigned.

Is this a functionality or better to stay with the workflow approach?

tjerman · January 16, 2023, 8:50am

Corteza won’t pull roles from the auth provider, so what I’d suggest is either

Manually create roles, set forced roles in the auth client settings
Utilise workflows to pull roles from keycloak API (if even an option) and then create/assign roles as needed

ajaymatharoo · March 6, 2026, 1:11am

Hi @mperestrelo
Can you please share how you made the workflow that assigns role on user creation, having a hard time here

Toocky · March 6, 2026, 10:10pm

I can only add one image at a time

Toocky · March 6, 2026, 10:11pm

Toocky · March 6, 2026, 10:11pm

ajaymatharoo · March 13, 2026, 10:55pm

TYSM @Toocky
Let me try it out, it was the role membership function I was stuck at

ajaymatharoo · March 13, 2026, 11:17pm

Ok, the issue seems to be more than just workflow issue. I am not able to add a role to any user manually either.

Store error: pq: null value in column “rel_user” of relation “role_members” violates not-null constraint

cc @tjerman

jfortun · March 16, 2026, 11:36am

Did you check this in the changelog?
https://docs.cortezaproject.org/corteza-docs/2024.9/changelog/index.html#2024_09_06-important

https://docs.cortezaproject.org/corteza-docs/2024.9/devops-guide/upgrade/index.html#_upgrading_to_2024_9_6