[keycloak-user] Additional token claims dynamically set via login by external Id Provider

Friday, 10 March 2017

Hello Keycloak Team

For logins taking place via keycloak login mask, I am able to edit a user property
"on the fly" in user-storage-provider's isValid-method and can add it into
the token (after adding an appropriate mapper for the corresponding client):

    @Override
    public boolean isValid(RealmModel realm, UserModel user, CredentialInput input)
..
            List<String> attr_dyn_list = new ArrayList<String>();
            attr_dyn_list.add("attr_dyn_val");
            local.setAttribute("attr_dyn", attr_dyn_list);
..

Now I also want to set an additional claim dynamically into an access token when a user
tries to log in (not only the first time) via an external Id Provider. Is there any hook I
can override to do so or is this feature planned to be implemented in near future?

Best regards, Eduard Matuszak

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

[keycloak-user] Additional token claims dynamically set via login by external Id Provider