[keycloak-user] User Attributes -> User Attribute Mapper, Client Attributes -> no mapper?

Bram Vonk b.vonk at first8.nl
Mon Mar 14 06:12:24 EDT 2016


We're adding specific User Attributes to Users, and use the User Attribute
protocol mapper to add those attributes to the JWT bearer tokens the user
gets when logging in.

This works fine for keycloak Users (natural persons) using our secured
endpoints (APIs).

We'd like to use the same concept for Clients (internal applications, so no
natural person is involved) that use our secured endpoints. These Clients
use client credentials to get a bearer token from Keycloak. Clients can
have Client Attributes, so that's half the problem fixed. The other half is
the protocol mapper: there is no Client Attribute protocol mapper.

Is there a specific reason there is no Client Attribute protocol mapper? Are
we doing something we shouldn't do? ;)


Bram Vonk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160314/fca09a9a/attachment-0001.html 

More information about the keycloak-user mailing list