[keycloak-user] Additional additional parameters and processing them
Marek Posolda
mposolda at redhat.com
Fri Feb 26 00:35:46 EST 2016
Hi,
On 25/02/16 16:44, Reed Lewis wrote:
> First, I want to thank all the Keycloak developers for your great
> help. This is by far one of �the best supported and documented open
> source products I have used in a long time.
>
> My next question:
>
> Say I have the redirect to login using the following URI:
>
>
> https://<server>/auth/realms/<realm>/protocol/openid-connect/auth?response_type=code&client_id=broker&redirect_uri=http://localhost:5000/oauth2callback&scope=offline_access&nonce=fa7757e5-697c-4f3a-9760-610a6d19893b-d5c888df-3dd3-4a06-8ea0-7525fc9894de
>
Keycloak understands just OIDC related parameters, which are send to
this endpoint. However if you mean to add additional parameters to
redirectUri, you can do that. You can create protocol mapper to put some
custom claims into JWT. The value of redirectUri parameter is available
as clientSession note in Keycloak, so you can theoretically parse it and
put some claims into JWT based on that.
Marek
>
>
> And I wish to add additional parameters to the request which I can put
> into the JWT, or use the values as session attributes or the like.
>
>
> How do I do that?
>
>
> Thank you,
>
>
> Reed Lewis
>
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160226/cd097bbb/attachment.html
More information about the keycloak-user
mailing list