diff --git a/templates/group_created.json.j2 b/templates/group_created.json.j2 index d6e0052..74bbe47 100644 --- a/templates/group_created.json.j2 +++ b/templates/group_created.json.j2 @@ -178,6 +178,33 @@ } } }, + { + "name" : "pyrest", + "taskReferenceName" : "create_role_policy_member", + "type" : "SIMPLE", + "inputParameters" : { + "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/role", + "body" : { + "name": "Member_policy", + "description": "", + "type" : "role", + "logic": "POSITIVE", + "decisionStrategy": "UNANIMOUS", + "roles" : [ + { + "id" : "${get_back_role_member.output.body.id}", + "required" : true + } + ] + }, + "method" : "POST", + "headers" : { + "Authorization" : "Bearer ${authorize.output.body.access_token}", + "Content-Type" : "application/json", + "Accept" : "application/json" + } + } + }, { "name" : "pyrest", "taskReferenceName" : "create_kc_group", @@ -753,7 +780,8 @@ "create_role_policy_dataminermanager", "create_role_policy_voadmin", "create_role_policy_vredesigner", - "create_role_policy_vremanager" + "create_role_policy_vremanager", + "assign_client_member_role_to_kc_group" ] }, { @@ -776,7 +804,8 @@ "${create_role_policy_dataminermanager.output.body.id}", "${create_role_policy_voadmin.output.body.id}", "${create_role_policy_vredesigner.output.body.id}", - "${create_role_policy_vremanager.output.body.id}" + "${create_role_policy_vremanager.output.body.id}", + "${create_role_policy_member.output.body.id}" ] }, "method" : "PUT",