[keycloak-user] Is there a way to tell which protocolMappers are active for a client using kcadm.bat/sh?

Adrian Madaras madaras_adrian at yahoo.com
Wed Jul 19 10:08:46 EDT 2017


Hi everyone,
I am using the kcadm.bat to create clients. Everything works well until the part with the "protocolMappers". Is there a command in kcadm.bat which can assign and activate the "protocolMappers" ("Mappers" in the client tab of the U.I.) for my specific client?
I couldn't find any reference to this point online. Theoretically there should be a variable in the protocolMapper, like isActive=true, that tells the client to send the following mappers in the response, but currently there is none.
This is what a current protocolMapper contains (this is active in the U.I. by the way):"protocolMappers" : [ {    "id" : "e41c6882-da3f-4f95-b5e4-9c584615fb1e",    "name" : "X500 givenName",    "protocol" : "saml",    "protocolMapper" : "saml-user-property-mapper",    "consentRequired" : true,    "consentText" : "${givenName}",    "config" : {      "attribute.nameformat" : "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",      "user.attribute" : "firstName",      "friendly.name" : "givenName",      "attribute.name" : "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"    }  }, { ........... THE REST OF THE MAPPERS ...............} ]
As you can see there is no attribute which tells us that this mapper is active for this client. I think there is only a table in the DB that marks this but this is kind of odd being so that I can create a client but not attribute mappers to it.
Am I missing something?
Thanks,
Adrian


More information about the keycloak-user mailing list