Hi
I’m using LDAP auth and an external group mapped to an AD group. Now I’m adding SSO (Keycloak) and have created an OIDC auth method in Vault. But the OIDC groups have a different accessor than LDAP, and the policies aren’t mapped to the users. Can I map OIDC groups to the LDAP group?
Example of creating the OIDC auth:
# Point the OIDC auth mount at the Keycloak realm; Vault reads the issuer, JWKS and
# endpoints from <oidc_discovery_url>/.well-known/openid-configuration.
vault write auth/oidc/config \
  oidc_client_id="vault" \
  oidc_client_secret="***" \
  default_role="default" \
  oidc_discovery_url="https://***/auth/realms/DOMAIN"
# Role used for logins. groups_claim must name the claim the Keycloak client really emits
# (a Group Membership mapper on the "vault" client); each value in that claim is looked up
# as a group alias keyed by this mount's accessor, not by the LDAP mount's accessor.
vault write auth/oidc/role/default \
  bound_audiences="vault" \
  allowed_redirect_uris="https://<url>/ui/vault/auth/oidc/oidc/callback" \
  user_claim="preferred_username" \
  policies="default" \
  groups_claim="groups" \
  ttl=1h
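As an added example (not code from the original post), the script below shows the usual way to give one AD group the same policies through both mounts. Group aliases are keyed by mount accessor and an external group can carry only one alias, so the LDAP alias can never match an OIDC login; instead a second external group gets an alias bound to the OIDC accessor, and both external groups are nested in an internal group that holds the policies. Assumed names: the existing LDAP external group is called vault-admins (its alias equals the AD group name), the policy is called admin, OIDC is mounted at auth/oidc, and the Keycloak Group Membership mapper has "Full group path" left on, so the groups claim carries "/vault-admins" rather than "vault-admins". VAULT_ADDR and VAULT_TOKEN must point at a Vault you administer; DRY_RUN=1 prints the commands instead of running them.

```shell
#!/bin/sh
# Added example (not from the original post). Assumptions: OIDC auth at auth/oidc, an existing
# LDAP external group named "vault-admins" whose alias is the AD group name, a policy named
# "admin", and VAULT_ADDR/VAULT_TOKEN pointing at a Vault you administer.
# DRY_RUN=1 prints the vault commands on stderr instead of running them.
set -eu

LDAP_GROUP="${LDAP_GROUP:-vault-admins}"   # existing external group for the AD group (assumption)
POLICY="${POLICY:-admin}"                  # policy the group should grant (assumption)
OIDC_MOUNT="${OIDC_MOUNT:-oidc}"
FULL_GROUP_PATH="${FULL_GROUP_PATH:-1}"    # Keycloak "Full group path" setting on the groups mapper
DRY_RUN="${DRY_RUN:-0}"

# The alias name on the OIDC side must equal the string Keycloak puts in the "groups" claim.
# With "Full group path" on (Keycloak's default) that is "/vault-admins", not "vault-admins";
# an alias with the wrong spelling is accepted by Vault but never matches at login.
oidc_alias_name() {
  if [ "$2" = 1 ]; then printf '/%s\n' "$1"; else printf '%s\n' "$1"; fi
}

# Accessor of an auth mount, e.g. auth_oidc_1a2b3c4d. Group aliases are keyed by accessor,
# which is why the LDAP alias can never match a login through the OIDC mount.
mount_accessor() {
  if [ "$DRY_RUN" = 1 ]; then printf 'auth_%s_PLACEHOLDER\n' "$1"; return; fi
  vault read -field=accessor "sys/auth/$1"
}

# Id of an identity group looked up by name.
group_id() {
  if [ "$DRY_RUN" = 1 ]; then printf 'id-of-%s\n' "$1"; return; fi
  vault read -field=id "identity/group/name/$1"
}

# Create or update an identity group ($1 name, remaining args are key=value fields); prints its id.
identity_group() {
  name=$1; shift
  if [ "$DRY_RUN" = 1 ]; then echo "vault write identity/group name=$name $*" >&2
  else vault write identity/group name="$name" "$@" >/dev/null; fi
  group_id "$name"
}

# Bind an external group to the group name one auth mount reports ($1 alias, $2 accessor, $3 group id).
group_alias() {
  if [ "$DRY_RUN" = 1 ]; then echo "vault write identity/group-alias name=$1 mount_accessor=$2 canonical_id=$3" >&2; return; fi
  vault write identity/group-alias name="$1" mount_accessor="$2" canonical_id="$3" >/dev/null
}

map_group() {
  oidc_acc=$(mount_accessor "$OIDC_MOUNT")
  ldap_gid=$(group_id "$LDAP_GROUP")

  # An external group carries only one alias, and an alias is bound to one accessor, so the
  # OIDC mount needs its own external group with its own alias.
  oidc_gid=$(identity_group "${LDAP_GROUP}-oidc" type=external)
  group_alias "$(oidc_alias_name "$LDAP_GROUP" "$FULL_GROUP_PATH")" "$oidc_acc" "$oidc_gid"

  # The policy lives on an internal group whose members are both external groups, so a user who
  # logs in through either mount ends up with the same policies.
  identity_group "${LDAP_GROUP}-all" type=internal policies="$POLICY" \
    member_group_ids="$ldap_gid,$oidc_gid" >/dev/null
}

# Run only when a vault binary is available (or in dry-run mode), so the functions can also be sourced.
if [ "$DRY_RUN" = 1 ] || command -v vault >/dev/null 2>&1; then map_group; fi
```

After running it, log in through Keycloak and check `vault token lookup`: the token's `identity_policies` should list the policy, and `vault read identity/entity/id/<entity_id>` should show the user's OIDC alias and the `vault-admins-oidc` group. If the group is missing, compare the alias name with the actual value in the ID token's groups claim; the leading slash from "Full group path" is the usual mismatch.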