[keycloak-user] Group attribute lookup via NodeJS

Geoffrey Cleaves geoff at opticks.io
Fri Dec 7 05:11:01 EST 2018 

One option would be to create a custom mapper in Keycloak whereby you add
the data you're describing as a claim inside the token. You'll probably
need to use a script based mapper, which requires you to explicitly enable
the preview feature when launching Keycloak. See this related issue for
tips:
https://stackoverflow.com/questions/53367566/unable-to-setup-idp-token-exchange-in-keycloak-4-6-0-final

Otherwise, your backend can speak to the Admin REST API to get the data
your want. With this option you'll probably need to make multiple API
calls, one to get a list of the user's groups, and then another to get all
the metadata about each group:
https://www.keycloak.org/docs-api/4.6/rest-api/index.html



On Thu, 6 Dec 2018 at 22:54, Tom Barber <tom at spicule.co.uk> wrote:

> Hello folks
>
> I’ve got Keycloak hooked up to the NodeJS connector and I saw the info
> about getting the username and stuff back via:
>
>   console.log(req.kauth.grant.access_token.content)
>
> I’d also like to assign users to groups and store some metadata with those
> groups that the application can access. Is that possible using NodeJS
> either using the adapter or by some other mechanism?
>
> Thanks
>
> Tom
>
> --
>
>
> Spicule Limited is registered in England & Wales. Company Number:
> 09954122. Registered office: First Floor, Telecom House, 125-135 Preston
> Road, Brighton, England, BN1 6AF. VAT No. 251478891.
>
>
>
>
> All engagements
> are subject to Spicule Terms and Conditions of Business. This email and
> its
> contents are intended solely for the individual to whom it is addressed
> and
> may contain information that is confidential, privileged or otherwise
> protected from disclosure, distributing or copying. Any views or opinions
> presented in this email are solely those of the author and do not
> necessarily represent those of Spicule Limited. The company accepts no
> liability for any damage caused by any virus transmitted by this email. If
> you have received this message in error, please notify us immediately by
> reply email before deleting it from your system. Service of legal notice
> cannot be effected on Spicule Limited by email.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user



-- 

Regards,
Geoffrey Cleaves

More information about the keycloak-user mailing list