[keycloak-user] API Token param
Marek Posolda
mposolda at redhat.com
Mon Jul 11 15:52:05 EDT 2016
You can set some additional parameters to Authentication Request (the
initial request from your app to the Keycloak) and every additional
parameter will be then saved to the clientSession note like
"client_request_param_foo" in case that name of your parameter is "foo"
. Then you can create ProtocolMapper implementation, which will read the
clientSession note and put the info as claim to the token. You can take
a look at
org.keycloak.protocol.oidc.mappers.UserSessionNoteMapper for inspiration - the only difference is, that you will need to call clientSession.getNote instead of userSession.getNote.
Marek
On 11/07/16 18:45, Harry Trinta wrote:
> I would like to save some notes about the app and/or the user in the
> token. For example, if the token is from a session that is being
> impersonated.
>
> 2016-07-07 17:27 GMT-03:00 Bruno Oliveira <bruno at abstractj.org
> <mailto:bruno at abstractj.org>>:
>
> I don't think that's possible. What exactly would you like to do?
>
> On 2016-07-07, Harry Trinta wrote:
> > Hi,
> >
> > When authenticate through the API token
> ("*/openid-connect/token"), is
> > possible to send a parameter (key/value) and this parameter be
> added to
> > access_token?
> >
> > Regards,
> >
> > Harry
>
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
> --
>
> abstractj
> PGP: 0x84DC9914
>
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160711/d494d9fc/attachment-0001.html
More information about the keycloak-user
mailing list