Hi,

you probably don't need to change anything in keycloak model/storage. To add additional values for the user, you just need to do few changes in the UI. Model storage should be already flexible enough to support storing generic attributes. See this for more info: http://docs.jboss.org/keycloak/docs/1.2.0.Beta1/userguide/html/custom-user-attributes.html and this for how to map your generic attributes to accessToken/IDToken to see them in your application: http://docs.jboss.org/keycloak/docs/1.2.0.Beta1/userguide/html/mappers.html

ATM it's not possible to store dynamic attributes in to LDAP, but we're going to add it soon (probably in few months)

Marek

On 15.4.2015 18:24, Alik Kurdyukov wrote:

Hello!

First of all, thank you for implementing Keycloak, I made it work with Spring Security in a very short time.

I have architectural question: I need to store lots of additional field values for every user in the system. I see two ways:

1. extend existing Keycloak storage and add fields there

2. store additional info in the LDAP server and retrieve additional params by separate LDAP queries

What is the best way to store it?

--
Best regards,

Alik Kurdyukov
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user