Hi Community folk,
we just released version 1.4.0 of the Keycloak Identity Provider Plugin:
<dependency>
<groupId>org.camunda.bpm.extension</groupId>
<artifactId>camunda-bpm-identity-keycloak</artifactId>
<version>1.4.0</version>
</dependency>
Version 1.4.0 is a bug fix release.
Fixes in version 1.4.0:
-
Corrected rare problems with group queries of a single user in case the Keycloak Client name is similar to this username and config property
useUsernameAsCamundaUserId=true
-
For the technically interested: the bug had its cause in the fact that, behind the scenes, Keycloak creates a service account corresponding to a client. Combined with a non exakt query behaviour of Keycloak, the extension’s method for translating a username into the underlying Keycloak ID had a gap and might have picked up the wrong ID. Which results in a behaviour, where a user seems to have no groups.
-
This gap has now been closed. Even if the error only occurs in very specific setups, an update is recommended.
For more infos on the plugin see https://github.com/camunda/camunda-bpm-identity-keycloak
Best,
Gunnar