Hello group,

In my user model I have a custom user attribute that I want to make available to multiple 

clients via the id / access token with just one definition. Is this already possible somehow?

Currently one can define custom mappers for a single client via:

(In Admin Console) Realm -> Clients -> example-client -> Mappers -> create

There I can specify a new mapper of type "user attribute" where I can refer to the actual user attribute, give it a "token claim name" (e.g. "myattribute") and specify whether this should be included in the ID and / or access token.

The user attribute in the token can then be accessed from within the client via:

KeycloakSecurityContext:getIdToken().getOtherClaims().get("myattribute")

This apporach however requires that I configure this for every client - for which I already have 10 (trend: upwards)...

It would make thinks a lot easier if it were possible to specify those mappers realm wide...

PS: I'm currently using Keycloak 1.9.0.CR1

Cheers,

Thomas