Is it possible to sync groups via the OIDC login support in ODK-Central?
Keycloak allows you to set custom groups and it would be nice if users could automatically join projects in ODK Central that have the same name as those groups.
The reverse that joining a project in ODK Central adds one to a group in Keycloak would be nice as well.
Looking for the answer.
There is not currently any built-in functionality to sync users from an OIDC provider.
Your best bet right now would be to build your own small script or service. For example, you could periodically poll for users in both Central and Keycloak and align the two lists. Alternately, you could use an event-based approach using https://github.com/p2-inc/keycloak-events and ideas from Webhooks in ODK Central - #16 by spwoodcock
If there is an event created in the audit logs for the action you need (audits table), then you could possibly have that trigger a request to the keycloak API to do what you need.
It's a bit convoluted, but could work!
Thanks for the suggestions. That webhook system for Central sounds interesting, but in that combination it seems like it would only allow to push changes from Central to Keycloak, while for my application I would be more interested in the reverse.
I guess a script that interacts with the Central API could work though.