ETA: I figured out that, with this setup, you can only change the display name through keycloak and if there is nothing set in the first and last name fields of the user acc on keycloak it will default the display name to the user id (or a hash of it if that option is selected). I’m still unsure how to get groups to work tho so if anyone has got this fully working with admin/other groups assigned through keycloak (rather than manually assigning groups in nextcloud) I would greatly appreciate some assistance with this.
Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can. 
The Basics
- Nextcloud Server version (e.g., 29.x.x):
NC 32.0.0.1
- Operating system and version (e.g., Ubuntu 24.04):
ubuntu 24.10 (NC-AIO running in docker)
- Web server and version (e.g, Apache 2.4.25):
Apache/2.4.65
- Reverse proxy and version _(e.g. nginx 1.27.2)
Traefik 3.5.3
- PHP version (e.g, 8.3):
8.3.26
- Is this the first time you’ve seen this error? (Yes / No):
yes
- When did this problem seem to first start?
when setting up OIDC for SSO using Keycloak
- Installation method (e.g. AlO, NCP, Bare Metal/Archive, etc.)
AIO docker
- Are you using CloudfIare, mod_security, or similar? (Yes / No)
Using cloudflare proxy pointed to a traefik instance
Summary of the issue you are facing:
After setting up OpenID Connect User Backend I am able to use keycloak to sign in and create accounts on Nextcloud however, I am unable to properly set Display Names, Quotas and Groups. I have Scope set to openid email profile, Extra Claims set to ownCloudGroups where I have configured an admin role under the nextcloud client in keycloak and within the client scopes > nextcloud-dedicated scopes the mappers ownCloudQuota and ownCloudGroups are set. Within the user in keycloak the user is in the admin role from nextcloud client, and the attribute ownCloudQuota is set. Is there something I haven’t configured or that I’ve misconfigured?
