[keycloak-user] retrieving custom user attributes

Sebastian Rose sebastian.rose at aoe.com
Mon Oct 5 09:01:42 EDT 2015


Hi,

for me this works fine. You have to add a Mapping of Kind 'User Attribute' (Mapper Type) within Clients -> <Choose your client> -> 'Mappers'.

Best Regards,
Sebastian

Von: keycloak-user-bounces at lists.jboss.org [mailto:keycloak-user-bounces at lists.jboss.org] Im Auftrag von Arjan Lamers
Gesendet: Donnerstag, 1. Oktober 2015 16:18
An: keycloak-user at lists.jboss.org
Betreff: Re: [keycloak-user] retrieving custom user attributes

Hi,

Well, as far as I can see, the unmarshalled AccessToken does not contain any custom attributes. I would expect something like a Map<String,Object> where you can access additional attributes.
Just to be clear: the custom attribute I configured does appear in the JWT token, I am simply searching for an easy way to access them from Java.
There is an 'otherClaims' in the JsonWebToken, should they appear there? (They don't).

Kind regards,
Arjan Lamers



What do you want for an interface?  KeycloakSecurityContext has the
unmarshalled IDToken and AccessToken.

KeycloakPrincipal.getKeycloakSecurityContext().getToken()

On 9/30/2015 11:12 AM, Arjan Lamers wrote:
> Hi,
>
> I am trying to find an easy way to access custom attributes as defined
> for a client. For a Keycloak client, I?ve defined a new Mapper for a
> /user attribute/ to store some additional authorisation data. This then
> is managed by some user domain that uses the keycloak-admin-client to
> write that property.
>
> The problem arises when I want to access that property in an JEE
> application.The way I do it right now to use the KeycloakPrincipal found
> in the javax.ejb.SessionContext. From there, I get the JWT token as a
> String, deserialize the JSON and access the custom attribute from there.
> This feels like a very roundabout way to get to the token but somehow I
> am not able to find an easier way. Is it a missing feature or is it
> simply too close to the weekend for me ;)?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151005/6a960d6d/attachment.html 


More information about the keycloak-user mailing list