search

p2-inc / keycloak-orgs

Single realm, multi-tenancy for SaaS apps
https://phasetwo.io
Other
417 stars 72 forks source link

Logged inuser added to organization automatically with all default roles when creating new organization - v23.0.5 #189

Closed dileep-ehr closed 8 months ago

dileep-ehr commented 8 months ago

Docker version 23.0.5

Steps to reproduce

  1. Login to master domain as admin
  2. create a new realm and change to it
  3. create a user and give all realm admin roles including organization roles
  4. logout admin and login in to the new realm with the new user
  5. Create a new organization

Now the logged in user is mapped to the new organization automatically with all organization related default roles.

Is this the expected behavior? Since this may be an realmAdmin user who is not part of all the organizations, we have to manually delete this user from all new organizations.

xgp commented 8 months ago

This is expected. The creator of an organization automatically defaults to be the organization admin.