[keycloak-user] Obtaining full profile from "userinfo" endpoint
Brian Watson
watson409 at gmail.com
Thu Jun 30 10:41:08 EDT 2016
Hi all,
Keycloak version: 1.9.8
Here is my use case: I want to keep the access token JWS as lean as
possible, only containing user roles and a few custom claims I have added.
I want no PII in the access token. However, I would like my internal
services to obtain the full user profile (name, email, etc...) from the
OIDC "/userinfo" endpoint. Unfortunately, I can only seem to obtain the
"sub" claim and the few custom claims that already exist in the access
token. I don't see any support for adding scope values to the request.
Is there any way to accomplish what I would like, or any other ways of
obtaining this info that I may be missing?
Thanks in advance
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160630/6c953771/attachment.html
More information about the keycloak-user
mailing list