[keycloak-user] Recommended way to identify user from token
Bill Burke
bburke at redhat.com
Tue Jun 10 09:14:19 EDT 2014
KeycloakPrincipal.getKeycloakSecurityContext().getIDToken()
IDToken has a bunch of different claims you can configure the token
service to stuff in it. By default I think it is just username that is
stuffed in the IDToken.
On 6/10/2014 1:16 AM, Conrad Winchester wrote:
> Hi,
>
> I have keyclick integrated into my application and have it protecting several end points. A user can login to get access to the protected resources by adding the bearer token into the authorisation header.
>
> I was wondering what the recommended way is to actually identify the user who has authenticated. Is this the way to do it?
>
>
> @Context
> private SecurityContext securityContext;
> .
> .
> .
> KeycloakPrincipal principal = (KeycloakPrincipal)securityContext.getUserPrincipal();
> logger.info("Logged in user: "+ principal.getName());
>
> I noticed the the name is the ‘id’ of the user from the keycloak table.
>
> Are there any other ways to get data from the token?
>
> Thanks
>
> Conrad
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-user
mailing list