You can set some additional parameters
to Authentication Request (the initial request from your app to
the Keycloak) and every additional parameter will be then saved to
the clientSession note like "client_request_param_foo" in case
that name of your parameter is "foo" . Then you can create
ProtocolMapper implementation, which will read the clientSession
note and put the info as claim to the token. You can take a look
at
org.keycloak.protocol.oidc.mappers.UserSessionNoteMapper for inspiration - the only difference is, that you will need to call clientSession.getNote instead of userSession.getNote.
Marek
On 11/07/16 18:45, Harry Trinta wrote: