How can I manage Keycloak User with OpenSearch Security API

According to this document.
Document Level Security in Elasticsearch — Part 1 | by Alon Aizenberg | Medium

It have command to create internal user by use Security API and setup User Attribute to GroupA and GroupB.

curl -XPUT "https://localhost:9200/_opendistro/_security/api/internalusers/quentin" -u admin:admin --insecure -H 'Content-Type: application/json' -d'
  "password": "tarantino",
  "attributes": {
    "groups": "groupA\", \"groupB"

But I’m already connect my OpenSearch Server and Dashboard to Keycloak.

So please suggest me how to use Keycloak User to map with groupA and groupB like that, Thank you.

@chanwitkepha You’ll need to create a User Realm Role in the OpenID client, create groups and assign them to the user.

1 Like