OIDC and Role mapping from Own DB


Naresh Shrestha

Nov 27, 2025, 11:55:00 PM
to WildFly
Thanks in advance. I just implemented the OIDC system, which was so fluent. My goal is to implement the Authorization Code flow where OIDC_IDP handles user identity, and WildFly retrieves roles and permissions from a local DB. I have mapped the ID and the roles in my database, according to which our application will know the authZ.

Problem I am facing.
I am now encountering 400 invalid_grant errors and infinite redirect loops, despite ensuring the Allowed Callback URLs in OIDC_IDP exactly match the redirect URIs observed in the browser network logs.  

What I Did:
Created a JDBC Realm: configured to query the user_role table using the OIDC sub ID (oidc_id column) to fetch roles.

I also tried using aggregate-realm and mapped the authN and authZ realms, but later found out this is not the best practice.

How can I solve this problem and what is the best practice to follow?
The WildFly version that I am using is 26.1.2.




