Hello Bill,

seems to do what I need - I think it should be documented that changes in client templates (e.g. configured mappers) are reflected in created clients.

Cheers,
Thomas

2016-02-05 15:05 GMT+01:00 Bill Burke <bburke@redhat.com>:
See ClientTemplates



On 2/5/2016 7:59 AM, Thomas Darimont wrote:
Hello group,

In my user model I have a custom user attribute that I want to make available to multiple 
clients via the id / access token with just one definition. Is this already possible somehow?

Currently one can define custom mappers for a single client via:
(In Admin Console) Realm -> Clients -> example-client -> Mappers -> create

There I can specify a new mapper of type "user attribute" where I can refer to the actual user attribute, give it a "token claim name" (e.g. "myattribute") and specify whether this should be included in the ID and / or access token.

The user attribute in the token can then be accessed from within the client via:
KeycloakSecurityContext:getIdToken().getOtherClaims().get("myattribute")

This apporach however requires that I configure this for every client - for which I already have 10 (trend: upwards)...
It would make thinks a lot easier if it were possible to specify those mappers realm wide...

PS: I'm currently using Keycloak 1.9.0.CR1

Cheers,
Thomas


_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user