Skip to content
K8SaaS

Group

Group handling

Section titled “Group handling”

This configuration defines a group within a Keycloak realm. Groups allow you to manage multiple users by assigning roles and permissions on a group level. In this example, a group named test-group is created, and the user admin is added as a member.

apiVersion: k8saas.io/v1alpha1
kind: KeycloakGroup
metadata:
  name: test-group
spec:
  realmId: k8saas
  name: test-group
  members:
  - admin
  roleIdsRefs:
  - name: otp-required

The otp-required role is defined by default by K8SaaS and requires the users to authenticate before accessing desired endpoints. This is forcing MFA. Learn more about OTP on the keycloak documentation.

You can add any role to the wanted group using this method.