[keycloak-user] Question regarding User Client Role mapper

Thomas contact at pushrbx.net
Fri May 4 08:49:10 EDT 2018


Hi,



I've solved this issue on my own, with trial and error and reading the source code of keycloak on github.

The solution is a script mapper with the following javascript code (feel free to mod it):


function logic() { var f = realm.getClients(); var currentClient = null; for (var i = 0; i < f.size(); i++) { // here replace rolemaptest with your client name. if (f.get(i).getClientId() == "rolemaptest") { currentClient = f.get(i); break; } } if (currentClient === null) { return "cant find current client"; } // getClientRoleMappings returns a Set object which needs to be converted to an array. Otherwise it just returns a list of nulls, dunno why var userRolesInClient = user.getClientRoleMappings(currentClient).toArray(); //var userRolesInClient = user.getRoleMappings().toArray(); if (userRolesInClient.length === 0) { return ""; } return userRolesInClient[0].getName(); } logic()  ​


Cheers,
Thomas





---- On Wed, 02 May 2018 10:05:07 +0100 Thomas <contact at pushrbx.net> wrote ----




Hi all, 







I have a question regarding the user client role mapper: How can I map the first role from the list of client roles to a field named "role" in the id token? 



I've got that far that I create a mapper but it only returns a "[]" string. Obviously I've already mapped the user to some client roles before I tried to get the token. 







Thanks, 



Thomas 









_______________________________________________ 

keycloak-user mailing list 

keycloak-user at lists.jboss.org 

https://lists.jboss.org/mailman/listinfo/keycloak-user 








More information about the keycloak-user mailing list