[keycloak-user] Token Exchange First Login

[Graham Burgess]

I am having a problem where when I hit Keycloak up for a token exchange from an external IdP token to a Keycloak token, the first login response the access_token JWT does not content the custom attributes that are added to the newly created account. However, subsequent calls for a token exchange, the access_token JWT does contain the custom attributes that I mapped in the client as well as in the profile client scope. The mappers for the custom attribute I am primarily interested in have "Add to access token" and "Add to ID token" enabled.

I believe I am just being blind as to where I need to map it for first login so any pointers would be appreciated.
Best regards,
Graham Burgess
RΛZΞR|stormmore
Sr. DevOps Engineer (USA)
Email: graham.burgess at razer.com
DID: (415) 374 0639
[http://assets.razerzone.com/email/email-sig.jpg]
Razer.com<https://www.razer.com/> | Razer Game Store<https://gamestore.razer.com/> | Razer Insider<https://insider.razer.com/> | Razer zVault<https://zvault.razer.com/>

[https://upload.wikimedia.org/wikipedia/commons/thumb/c/c2/F_icon.svg/200px-F_icon.svg.png]<https://www.facebook.com/Razer>    [Twitter_Social_Icon_Rounded_Square_Color] <https://twitter.com/Razer>     [glyph-logo_May2016] <https://www.instagram.com/razer/>     [youtube_social_squircle_red] <https://www.youtube.com/Razer?sub_confirmation=1>
Razer Inc. (San Francisco)
201 3rd Street, Suite 900
San Francisco CA 94103, USA
Tel: +1 (415) 266 5300

Razer Inc. Stock Code: 1337.HK
IMPORTANT NOTICE: This e-mail may be confidential, legally privileged or otherwise protected from disclosure. If you are not an intended recipient, do not copy, distribute or use its contents. Do inform the sender that you have received the message in error and delete it from your system. E-mails are not secure and may suffer errors, computer viruses, delay, interception and amendment. Razer accepts neither risk nor liability for any damage or loss caused by this e-mail. To the extent permitted by applicable law, Razer reserves the right to retain, monitor and intercept e-mails to and from its systems.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 33672 bytes
Desc: image001.jpg
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20180927/77125b7c/attachment-0001.jpg 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 1088 bytes
Desc: image002.png
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20180927/77125b7c/attachment-0004.png 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 1214 bytes
Desc: image003.png
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20180927/77125b7c/attachment-0005.png 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 930 bytes
Desc: image004.png
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20180927/77125b7c/attachment-0006.png 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 1337 bytes
Desc: image005.png
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20180927/77125b7c/attachment-0007.png