Re: [keycloak-user] Recommended way to identify user from token

Tuesday, 10 June 2014

KeycloakPrincipal.getKeycloakSecurityContext().getIDToken()

IDToken has a bunch of different claims you can configure the token 
service to stuff in it.  By default I think it is just username that is 
stuffed in the IDToken.

On 6/10/2014 1:16 AM, Conrad Winchester wrote:
...
 Hi,

 I have keyclick integrated into my application and have it protecting several end points.
A user can login to get access to the protected resources by adding the bearer token into
the authorisation header.

 I was wondering what the recommended way is to actually identify the user who has
authenticated. Is this the way to do it?

   	@Context
    	private SecurityContext securityContext;
 .
 .
 .
        KeycloakPrincipal principal =
(KeycloakPrincipal)securityContext.getUserPrincipal();
        logger.info("Logged in user: "+ principal.getName());

 I noticed the the name is the ‘id’ of the user from the keycloak table.

 Are there any other ways to get data from the token?

 Thanks

 Conrad
 _______________________________________________
 keycloak-user mailing list
 keycloak-user(a)lists.jboss.org
 https://lists.jboss.org/mailman/listinfo/keycloak-user

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

Re: [keycloak-user] Recommended way to identify user from token