[keycloak-user] Realm wide custom id / access token claims.

Thomas Darimont thomas.darimont at googlemail.com
Fri Feb 5 09:28:16 EST 2016


Hello Bill,

seems to do what I need - I think it should be documented that changes in
client templates (e.g. configured mappers) are reflected in created clients.

Cheers,
Thomas

2016-02-05 15:05 GMT+01:00 Bill Burke <bburke at redhat.com>:

> See ClientTemplates
>
>
>
> On 2/5/2016 7:59 AM, Thomas Darimont wrote:
>
> Hello group,
>
> In my user model I have a custom user attribute that I want to make
> available to multiple
> clients via the id / access token with just one definition. Is this
> already possible somehow?
>
> Currently one can define custom mappers for a single client via:
> (In Admin Console) Realm -> Clients -> example-client -> Mappers -> create
>
> There I can specify a new mapper of type "user attribute" where I can
> refer to the actual user attribute, give it a "token claim name" (e.g.
> "myattribute") and specify whether this should be included in the ID and /
> or access token.
>
> The user attribute in the token can then be accessed from within the
> client via:
> KeycloakSecurityContext:getIdToken().getOtherClaims().get("myattribute")
>
> This apporach however requires that I configure this for every client -
> for which I already have 10 (trend: upwards)...
> It would make thinks a lot easier if it were possible to specify those
> mappers realm wide...
>
> PS: I'm currently using Keycloak 1.9.0.CR1
>
> Cheers,
> Thomas
>
>
> _______________________________________________
> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
> --
> Bill Burke
> JBoss, a division of Red Hathttp://bill.burkecentral.com
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160205/7c53f76b/attachment.html 


More information about the keycloak-user mailing list