module "giteaclient" { source = "./modules/kc-client" realm = var.realm client_id = "gitea" client_name = "Gitea" description = "git.tobiasmanske.de" root_url = "https://git.tobiasmanske.de" admin_url = "https://git.tobiasmanske.de" base_url = "" valid_redirect_uris = ["https://git.tobiasmanske.de/user/oauth2/Keycloak/callback"] web_origins = ["https://git.tobiasmanske.de"] } resource "keycloak_openid_user_property_protocol_mapper" "gitea-username-mapper" { realm_id = module.giteaclient.realm.id client_id = module.giteaclient.client.id name = "username" user_property = "username" claim_name = "preferred_username" add_to_userinfo = true add_to_access_token = true add_to_id_token = false } resource "keycloak_openid_user_client_role_protocol_mapper" "gitea-role-mapper" { realm_id = module.giteaclient.realm.id client_id = module.giteaclient.client.id # client_id_for_role_mappings = module.giteaclient.client.id multivalued = true name = "user-client-role-mapper" claim_name = "roles" add_to_userinfo = true add_to_access_token = true add_to_id_token = false }