<p dir="ltr">I think you can add claim mappers in the client configuration in Keycloak which can then be exposed as headers.</p>
<p dir="ltr">See mod_auth_oidc configuration for claim mapping.</p>
<p dir="ltr">Cheers,<br>
Thomas</p>
<div class="gmail_quote">Am 05.07.2016 11:33 vorm. schrieb "Subrahmanyam BV" <<a href="mailto:bvs78@rediffmail.com">bvs78@rediffmail.com</a>>:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>Hi Thomas, <div><span> Thanks for the quick reply . Here is the scenario that I am looking for. Once the user gets authenticated, is there a way to pass some attributes of the user (say for example, company, emailid, status of the user etc...) as a part of the response headers? </span></div><div><br></div><div>Regards,</div><div>Subrahmanyam.<br><br><br><br>From: Thomas Darimont <<a href="mailto:thomas.darimont@googlemail.com" target="_blank">thomas.darimont@googlemail.com</a>><br>Sent: Tue, 05 Jul 2016 11:54:44 <br>To: Subrahmanyam BV <<a href="mailto:bvs78@rediffmail.com" target="_blank">bvs78@rediffmail.com</a>><br>Cc: keycloak-user <<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>><br>Subject: Re: [keycloak-user] Keycloak-Headerbased authentication<br><p dir="ltr">Hello,</p>
<p dir="ltr">I'm not familiar with siteminder and quickly googled <a href="https://docops.ca.com/ca-single-sign-on-12-52-sp1/en/configuring/web-agent-configuration/web-application-protection/default-http-headers-used-by-the-product" rel="external" target="_blank">https://docops.ca.com/ca-single-sign-on-12-52-sp1/en/configuring/web-agent-configuration/web-application-protection/default-http-headers-used-by-the-product</a></p>
<p dir="ltr">Based on that I think that mod_auth_oidc might do what you want.</p>
<p dir="ltr"><a href="https://github.com/keycloak/securing_apps_guide/blob/master/topics/oidc/mod-auth-openidc.adoc" rel="external" target="_blank">https://github.com/keycloak/securing_apps_guide/blob/master/topics/oidc/mod-auth-openidc.adoc</a></p>
<p dir="ltr"><a href="https://github.com/thomasdarimont/keycloak_mod_auth_oidc_example/blob/master/README.md" rel="external" target="_blank">https://github.com/thomasdarimont/keycloak_mod_auth_oidc_example/blob/master/README.md</a></p>
<p dir="ltr">Cheers,<br>
Thomas</p>
<div class="gmail_quote">Am 05.07.2016 6:44 vorm. schrieb "Subrahmanyam BV" <<a href="mailto:bvs78@rediffmail.com" target="_blank">bvs78@rediffmail.com</a>>:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">HI,<div><span> Just wanted to know whether keycloak supports header-based authentication as supported by siteminder. Please let me know on this.</span></div><div><span><br></span></div><div><span>Regards,</span></div><div><span>Subrahmanyam.</span></div><div><span><br></span></div><br><br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div>
</div><br></blockquote></div>