module "seafileclient" { source = "./modules/kc-client" realm = var.realm client_id = "seafile" client_name = "Seafile" description = "files.unruhig.eu" root_url = "https://files.unruhig.eu" admin_url = "https://files.unruhig.eu" base_url = "" valid_redirect_uris = ["https://files.unruhig.eu/oauth/callback/"] web_origins = ["https://files.unruhig.eu"] } resource "keycloak_openid_user_property_protocol_mapper" "seafile-username-mapper" { realm_id = module.seafileclient.realm.id client_id = module.seafileclient.client.id name = "username" user_property = "username" claim_name = "preferred_username" add_to_userinfo = true add_to_access_token = true add_to_id_token = false } resource "keycloak_openid_user_client_role_protocol_mapper" "seafile-role-mapper" { realm_id = module.seafileclient.realm.id client_id = module.seafileclient.client.id # client_id_for_role_mappings = module.seafileclient.client.id multivalued = true name = "user-client-role-mapper" claim_name = "roles" client_id_for_role_mappings = module.seafileclient.client.id add_to_userinfo = true add_to_access_token = true add_to_id_token = false }