Hello,
TL;DR:
I want to do a realm role mapping for specific clients only.
I am trying to assign a client role “Administrators” to all members of a specific Keycloak Realm-Group.
So I added a role mapping to the realm group and selected the client role for that specific client.
I would have expected, that the role name was only added to the ID-Token of THAT particular client, if only because it is the only one that actually HAS that role.
However, later I discovered that the role “Administrators” is added to ALL ID-Tokens regardless for which client they were issued or even if that client had such a role in the first place.
Is this expected behaviour, e.g. am I missing something?
Or is this a bug in KC 25.0.2?
Thank you for your advice.
Regards
FSeifer