[keycloak-user] retrieving custom user attributes
sebastian.rose at aoe.com
Mon Oct 5 09:01:42 EDT 2015
for me this works fine. You have to add a Mapping of Kind 'User Attribute' (Mapper Type) within Clients -> <Choose your client> -> 'Mappers'.
Von: keycloak-user-bounces at lists.jboss.org [mailto:keycloak-user-bounces at lists.jboss.org] Im Auftrag von Arjan Lamers
Gesendet: Donnerstag, 1. Oktober 2015 16:18
An: keycloak-user at lists.jboss.org
Betreff: Re: [keycloak-user] retrieving custom user attributes
Well, as far as I can see, the unmarshalled AccessToken does not contain any custom attributes. I would expect something like a Map<String,Object> where you can access additional attributes.
Just to be clear: the custom attribute I configured does appear in the JWT token, I am simply searching for an easy way to access them from Java.
There is an 'otherClaims' in the JsonWebToken, should they appear there? (They don't).
What do you want for an interface? KeycloakSecurityContext has the
unmarshalled IDToken and AccessToken.
On 9/30/2015 11:12 AM, Arjan Lamers wrote:
> I am trying to find an easy way to access custom attributes as defined
> for a client. For a Keycloak client, I?ve defined a new Mapper for a
> /user attribute/ to store some additional authorisation data. This then
> is managed by some user domain that uses the keycloak-admin-client to
> write that property.
> The problem arises when I want to access that property in an JEE
> application.The way I do it right now to use the KeycloakPrincipal found
> in the javax.ejb.SessionContext. From there, I get the JWT token as a
> String, deserialize the JSON and access the custom attribute from there.
> This feels like a very roundabout way to get to the token but somehow I
> am not able to find an easier way. Is it a missing feature or is it
> simply too close to the weekend for me ;)?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the keycloak-user