[keycloak-user] Having trouble with LDAP attribute mapping in 1.3.1

Kevin Thorpe kevin.thorpe at p-i.net
Thu Jun 18 11:50:32 EDT 2015


Thanks to the team for 1.3.1. We were eagerly waiting for that to add LDAP
attribute mappings which I see has now been done. Unfortunately I can't
seem to get it to work.

I have added a user attribute mapper to my ldap federation. This maps the
LDAP atribute 'applications' which exists on my LDAP user record to
'applications' in Keycloak.

I have also added a user attribute token mapper to my Keycloak client
definition to map user attribute 'applications' to token claim
'applications'. I've also asked to add to both id and access token.

However this attribute is not present in either the ID or access token when
testing. Is there something I've missed?

Something that may be an issue though is that I'm using a home written
openid-connect Lua client based on your javascript one. This uses the
endpoint /auth/realms/master/protocol/openid-connect/token. Is it that the
openid-connect endpoint doesn't support these attributes yet?


*Kevin Thorpe*
CTO, PI ltd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150618/678bbcaa/attachment.html 


More information about the keycloak-user mailing list