Probable Cause:
Grouping or role attributes are not being sent in the SAML response from Keycloak, or role mapping is not configured in the miniOrange plugin.
Solution:
- In Keycloak admin → Clients → your client → Mappers, add a mapper for group/role values.
- Configure the mapper to include the user’s groups/roles in the SAML response.
- In the miniOrange plugin → Attribute/Role Mapping tab, map the incoming group/role attribute to WordPress roles.
- Save settings and test login again.
Still need help?
Contact us at samlsupport@xecurify.com
