Re: [keycloak-user] Passing information from custom Authenticator to a Token

Thanks for your reply :) I think (ab)using user attributes for storing temporary data is not a good idea, e.g. one would need to take care to clear that information etc. I'm currently using context.getClientSession().setUserSessionNote("key","value"); in combination with a user protocol mapper for "user session note". Cheers, Thomas 2017-04-21 13:40 GMT+02:00 Король Илья <llivezking(a)gmail.com&gt;: > First thing that came to my head is to populate required data to > attributes of UserModel and use mappers to map attr to AT claim, but > your way also look interesting and i don't see any problems here. > > > 21.04.2017 8:32, Thomas Darimont пишет: >> Hello group, >> >> I need to pass some information form a custom Authenticator to the >> IDToken/AccessToken. >> One way I found to do that is by using UserSessionNotes and a "User > Session >> Note" >> Protocol Mapper defined in a client template which is shared by all > clients. >> public void authenticate(AuthenticationFlowContext context) { >> ... >> >> context.getClientSession().getUserSessionNotes().put(" > someKey","someValue"); >> ... >> } >> >> is this the intended way to do this sort of things? >> >> Cheers, >> Thomas >> _______________________________________________ >> keycloak-user mailing list >> keycloak-user(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/keycloak-user > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user