[keycloak-user] Recommended way to identify user from token

Bill Burke bburke at redhat.com
Tue Jun 10 09:14:19 EDT 2014


IDToken has a bunch of different claims you can configure the token 
service to stuff in it.  By default I think it is just username that is 
stuffed in the IDToken.

On 6/10/2014 1:16 AM, Conrad Winchester wrote:
> Hi,
> I have keyclick integrated into my application and have it protecting several end points. A user can login to get access to the protected resources by adding the bearer token into the authorisation header.
> I was wondering what the recommended way is to actually identify the user who has authenticated. Is this the way to do it?
>   	@Context
>    	private SecurityContext securityContext;
> .
> .
> .
>        KeycloakPrincipal principal = (KeycloakPrincipal)securityContext.getUserPrincipal();
>        logger.info("Logged in user: "+ principal.getName());
> I noticed the the name is the ‘id’ of the user from the keycloak table.
> Are there any other ways to get data from the token?
> Thanks
> Conrad
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

Bill Burke
JBoss, a division of Red Hat

More information about the keycloak-user mailing list