I forgot to mention that obviously this procedure gets simplified if you access the
database directly; just connect to the database from the mapper.
Sent from my Sony Xperia™ phone
---- Amaeztu wrote ----
>Hi!
>
>I use the first option. I do it with a protocol mapper, which is a convenient place to
>do it because there the token is already built by Keycloak but hasn't been signed yet.
>This is the procedure:
>
>1. User logs in
>
>2. My custom protocol mapper gets called, where I overwrite the transformAccessToken
>method
>
>3. Here I log in the client where the protocol mapper is in into Keycloak, as a
>service. Here don't forget to use another client ID instead of the one you're
>building the protocol mapper for; you'll enter an endless recursion otherwise.
>
>4. I get the access token into the protocol mapper and I call the REST endpoint of my
>application to grab the extra claims, which is secured
>
>5. Get the info returned by the endpoint and add it as extra claims