I am using Keycloak 21.0.0 and I have managed to connect it with my Azure AD tennant.
My issue is that I am trying to get the groups, that are assigned to the user on Azure, into the token Keycloak gives me.
Do I have to make a provider that will map these? I have found some guides where it seems like the are making the groups in Keycloak too. I don't want to do that, I want it to be mapped when I assign a new group in Azure
The next thing is, that I use the employeeID on azure AD too. If I follow https://learn.microsoft.com/en-us/azure/active-directory/develop/jwt-claims-customization#view-or-edit-claims
and add it as a claim, I can't login. Keycloak responds with Unexpected error when authenticating with identity provider
Do I have to do something in Keycloak? I have googled and tried a few things, but nothing seems to work