Hello group,
In my user model I have a custom user attribute that I want
to make available to multiple
clients via the id / access token with just one definition.
Is this already possible somehow?
Currently one can define custom mappers for a single client
via:
(In Admin Console) Realm -> Clients -> example-client
-> Mappers -> create
There I can specify a new mapper of type "user attribute"
where I can refer to the actual user attribute, give it a
"token claim name" (e.g. "myattribute") and specify whether
this should be included in the ID and / or access token.
The user attribute in the token can then be accessed from
within the client via:
KeycloakSecurityContext:getIdToken().getOtherClaims().get("myattribute")
This apporach however requires that I configure this for
every client - for which I already have 10 (trend: upwards)...
It would make thinks a lot easier if it were possible to
specify those mappers realm wide...
PS: I'm currently using Keycloak 1.9.0.CR1
Cheers,
Thomas