[keycloak-user] User Attributes -> User Attribute Mapper, Client Attributes -> no mapper?

Marek Posolda mposolda at redhat.com
Mon Mar 14 06:36:17 EDT 2016


We don't have a mapper for client attributes. There was no need for it 
until now AFAIK. You can either create JIRA to request it (but not sure 
when it will be done) or you can implement by yourself. See docs for 
providers and SPI [1]

[1] 
http://keycloak.github.io/docs/userguide/keycloak-server/html/providers.html

Marek

On 14/03/16 11:12, Bram Vonk wrote:
>
> Hi,
>
>
> We're adding specific User Attributes to Users, and use the User 
> Attribute protocol mapper to add those attributes to the JWT bearer 
> tokens the user gets when logging in.
>
>
> This works fine for keycloak Users (natural persons) using our secured 
> endpoints (APIs).
>
>
> We'd like to use the same concept for Clients (internal applications, 
> so no natural person is involved) that use our secured endpoints. 
> These Clients use client credentials to get a bearer token from 
> Keycloak. Clients can have Client Attributes, so that's half the 
> problem fixed. The other half is the protocol mapper: there is no 
> Client Attribute protocol mapper.
>
>
> Is there a specific reason there is no Client Attribute protocol 
> mapper? Are we doing something we shouldn't do? ;)
>
>
> Thanks,
>
>
> Bram Vonk
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160314/823adc12/attachment.html 


More information about the keycloak-user mailing list