Role not assigned in Keycloak although exists in kcc GCP store
jackalski opened this issue · 1 comments
jackalski commented
Created new client with Keycloak controller with specific serviceAccountRealmRoles:
kubectl -n myNamespace get kcc myClient -oyaml | yq '.spec.serviceAccountRealmRoles'
[
"admin"
]
It was not added to Keycloak, and token does not have it.
jackalski commented
Issue was due to duplicate roles entry in defaultClientScopes