[keycloak-user] Update user attributes on login
Dmitry Telegin
dt at acutus.pro
Wed Nov 14 13:02:34 EST 2018
Hello Oliver,
If you mean that very attributes that you can see under user's "Attributes" tab in Admin console, you can use script authenticator to do that:
function authenticate(context) {
var username = user ? user.username : "anonymous";
LOG.info(script.name + " trace auth for: " + username);
if (user) {
LOG.info(user.attributes.foo); // multivalued map
// replace existing value
user.attributes.foo[0] = "bar";
// or create new attribute
user.attributes.bar = java.util.ArrayList(['foo', 'bar', 'baz']);
}
context.success();
}
Add this as the last step in your flow and make it required. Please note that the attributes are always multivalued in the model. This is not yet implemented in the GUI, but you can use ## to separate multiple values. That said, the value of the "bar" attribute will be seen as "foo##bar##baz" under the Attributes tab.
Good luck,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info at acutus.pro
On Wed, 2018-11-14 at 13:49 +0100, Oliver-Rainer Wittmann wrote:
> Hi,
>
> I have a running keycloak with a custom identity provider - corresponding implementation of AbstractOAuth2IdentityProvider
>
> On registration of a user certain user attributes are stored and mapped into the token.
> Now, I want to update these user attributes on following logins.
>
> How to do this?
> Unfortunately, I did not find a corresponding hint in the documentation.
>
> Thx in advance for your support.
>
> Best regards, Oliver
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list