[keycloak-user] Accessing authenticated user's details

Tim Dudgeon tdudgeon.ml at gmail.com
Mon Oct 26 04:52:10 EDT 2015

Wondered if anyone had any thoughts on this?

On 21/10/2015 12:04, Tim Dudgeon wrote:
> In the case of a web application (e.g. Tomcat app secured by the 
> keycloak adapter) the web app might need to access details of the 
> authenticated user (e.g. full name or email).
> I've found that this information is available from the session like this:
> KeycloakSecurityContext session = 
> (KeycloakSecurityContext)request.getAttribute(KeycloakSecurityContext.class.getName());
> IDToken idToken = session.getIdToken();
> String email = idToken.getEmail();
> One issue with this is that all your web apps are tied to keycloak.
> Is this the right way to handle this?
> Are there alternatives?
> Tim

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151026/be776869/attachment.html 

More information about the keycloak-user mailing list