Hi,

Well, as far as I can see, the unmarshalled AccessToken does not contain any custom attributes. I would expect something like a Map<String,Object> where you can access additional attributes.

Just to be clear: the custom attribute I configured does appear in the JWT token, I am simply searching for an easy way to access them from Java.

There is an 'otherClaims' in the JsonWebToken, should they appear there? (They don't).

Kind regards,

Arjan Lamers

What do you want for an interface? KeycloakSecurityContext has the
unmarshalled IDToken and AccessToken.

KeycloakPrincipal.getKeycloakSecurityContext().getToken()

On 9/30/2015 11:12 AM, Arjan Lamers wrote:
> Hi,
>
> I am trying to find an easy way to access custom attributes as defined
> for a client. For a Keycloak client, I?ve defined a new Mapper for a
> /user attribute/ to store some additional authorisation data. This then
> is managed by some user domain that uses the keycloak-admin-client to
> write that property.
>
> The problem arises when I want to access that property in an JEE
> application.The way I do it right now to use the KeycloakPrincipal found
> in the javax.ejb.SessionContext. From there, I get the JWT token as a
> String, deserialize the JSON and access the custom attribute from there.
> This feels like a very roundabout way to get to the token but somehow I
> am not able to find an easier way. Is it a missing feature or is it
> simply too close to the weekend for me ;)?