[keycloak-user] Best way to add custom attributes to the user session?

Hi, We would like to a add custom attributes (using custom logic including custom database queries) to the user session in Keycloak on authentication. What is the best way to do this? We use an LDAP/AD user federation provider. Should we write a custom user attribute mapper and add it to our user federation provider? I guess we could also write a custom token mapper and misuse it a little in that it will only add data to the user session and not to the token? Previously we had a custom token mapper that added this custom data to the token, however it is becoming too much data and we have reached the max size limit (JWT tokens are transported as HTTP headers and those have a max size of 8kb). So now we are thinking of adding this data to the user session and Keycloak and when we need it later on get it from Keycloak using Keycloak’s REST API. cheers