Re: [keycloak-user] Question regarding User Client Role mapper

Hi, I've solved this issue on my own, with trial and error and reading the source code of keycloak on github. The solution is a script mapper with the following javascript code (feel free to mod it): function logic() { var f = realm.getClients(); var currentClient = null; for (var i = 0; i < f.size(); i++) { // here replace rolemaptest with your client name. if (f.get(i).getClientId() == "rolemaptest") { currentClient = f.get(i); break; } } if (currentClient === null) { return "cant find current client"; } // getClientRoleMappings returns a Set object which needs to be converted to an array. Otherwise it just returns a list of nulls, dunno why var userRolesInClient = user.getClientRoleMappings(currentClient).toArray(); //var userRolesInClient = user.getRoleMappings().toArray(); if (userRolesInClient.length === 0) { return ""; } return userRolesInClient[0].getName(); } logic() ​ Cheers, Thomas ---- On Wed, 02 May 2018 10:05:07 +0100 Thomas <contact(a)pushrbx.net> wrote ---- Hi all, I have a question regarding the user client role mapper: How can I map the first role from the list of client roles to a field named "role" in the id token? I've got that far that I create a mapper but it only returns a "[]" string. Obviously I've already mapped the user to some client roles before I tried to get the token. Thanks, Thomas _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user