[keycloak-user] Recommended way to identify user from token
bburke at redhat.com
Tue Jun 10 09:14:19 EDT 2014
IDToken has a bunch of different claims you can configure the token
service to stuff in it. By default I think it is just username that is
stuffed in the IDToken.
On 6/10/2014 1:16 AM, Conrad Winchester wrote:
> I have keyclick integrated into my application and have it protecting several end points. A user can login to get access to the protected resources by adding the bearer token into the authorisation header.
> I was wondering what the recommended way is to actually identify the user who has authenticated. Is this the way to do it?
> private SecurityContext securityContext;
> KeycloakPrincipal principal = (KeycloakPrincipal)securityContext.getUserPrincipal();
> logger.info("Logged in user: "+ principal.getName());
> I noticed the the name is the ‘id’ of the user from the keycloak table.
> Are there any other ways to get data from the token?
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
JBoss, a division of Red Hat
More information about the keycloak-user