[keycloak-user] Service account token mappers?
Gary Kennedy
gary at apnic.net
Thu May 2 02:18:06 EDT 2019
I want to use a service account token to call the admin API (for it's realm) and have discovered that the token needs the "resource_access" claim (with appropriate "realm-management" roles).
I don't want user tokens generated through the client to have the claim (unless absolutely necessary).
How can I get mappers to only apply to the service account token? Or find the mappers used for the service account tokens?
If I add the client roles mapper to the client I still don't get the "resource_access" claim in the service account token.
(Keycloak 4.8.2)
Cheers,
Gary
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3492 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20190502/1b76fe20/attachment.bin
More information about the keycloak-user
mailing list