Right now, we are leveraging Keycloak as identity broker for SAML authentication along with external IDP(OKTA) and only the user roles are federated from LDAP. So far, this configuration is working perfectly fine. We are planning to migrate this configuration to OIDC instead of SAML. Is there any documentation available for this kind of migration.
How to configure Keycloak to automatically merge user roles from LDAP into OIDC token as it does for SAML assertion response after user successful authentication?
Thanks