[keycloak-user] Transfer role claim from OIDC identity broker to keycloak JWT

Per Erik Gransøe Per.Erik.Gransoe at Systematic.com
Wed May 22 03:41:33 EDT 2019


Hi

I've set up my Keycloak with an Azure AD as OIDC identity provider. The Azure AD IdP replies with user application roles in its token reply to Keycloak, and I would like to add these roles to the resulting JWT token to the relying parties. Can this be achieved with one of the built-in identity provider mappers (if so, which one and how do I map/transfer the "roles" claim?), or will I need to implement a custom mapper?

Med venlig hilsen / Kind regards

Per Erik Gransøe
Senior Systems Engineer

Søren Frichs Vej 39, 8000 Aarhus C
Denmark

Mobile: +45 3038 6841
Per.Erik.Gransoe at Systematic.com
www.systematic.com