[keycloak-user] Adding custom user claims after login

Hi all, I would need to add dynamically some custom client-specific claims to a user's token after authentication. The basic idea is that I would need to call an external application, asking for the custom claims for the authenticated user for the target client. If I've understood correctly, I cannot do this with mappers, and I could not find a custom SPI type that fits this purpose. Is there a way to do this with Keycloak? Thanks, Paolo