Thanks to the team for 1.3.1. We were eagerly waiting for that to add LDAP attribute mappings which I see has now been done. Unfortunately I can't seem to get it to work.

I have added a user attribute mapper to my ldap federation. This maps the LDAP atribute 'applications' which exists on my LDAP user record to 'applications' in Keycloak. 

I have also added a user attribute token mapper to my Keycloak client definition to map user attribute 'applications' to token claim 'applications'. I've also asked to add to both id and access token.

However this attribute is not present in either the ID or access token when testing. Is there something I've missed? 

Something that may be an issue though is that I'm using a home written openid-connect Lua client based on your javascript one. This uses the endpoint /auth/realms/master/protocol/openid-connect/token. Is it that the openid-connect endpoint doesn't support these attributes yet?

Kevin Thorpe
CTO, PI ltd