[keycloak-user] Additional token claims dynamically set via login by external Id Provider
Thomas Darimont
thomas.darimont at googlemail.com
Fri Mar 10 03:25:34 EST 2017
Hello Eduard,
do you set the attribute on the user? If so you could try to configure a
custom user-attribute mapper for your client.
The mapper could then inject the attribute value into the token with the
name provided in the mapper.
Cheers,
Thomas
2017-03-10 8:53 GMT+01:00 Matuszak, Eduard <eduard.matuszak at worldline.com>:
> Hello Keycloak Team
>
> For logins taking place via keycloak login mask, I am able to edit a user
> property "on the fly" in user-storage-provider's isValid-method and can add
> it into the token (after adding an appropriate mapper for the corresponding
> client):
>
> @Override
> public boolean isValid(RealmModel realm, UserModel user,
> CredentialInput input)
> ..
> List<String> attr_dyn_list = new ArrayList<String>();
> attr_dyn_list.add("attr_dyn_val");
> local.setAttribute("attr_dyn", attr_dyn_list);
> ..
>
>
> Now I also want to set an additional claim dynamically into an access
> token when a user tries to log in (not only the first time) via an external
> Id Provider. Is there any hook I can override to do so or is this feature
> planned to be implemented in near future?
>
> Best regards, Eduard Matuszak
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list