I have setup keycloak v20.0.2 using corteza 2022.9.5. It’s working for logging in etc.
What is not working is assignment of initial role on account signup.

What I have done is create a workflow that assigns an initial role after signup (which works), but was wondering if the initial role could come from either the keycloak roles or groups. I have used the role scope in the scopes setup, but the initial role is not assigned.

Is this a functionality or better to stay with the workflow approach?

Corteza won’t pull roles from the auth provider, so what I’d suggest is either

• Manually create roles, set forced roles in the auth client settings
• Utilise workflows to pull roles from keycloak API (if even an option) and then create/assign roles as needed