Attribute Importer Mapper

Hi, I have added our AzureAD as an OIDC IdP in Keycloak. The access token issued by Azure contains a claim (“oid”) I want to map to a user attribute, so my ressource server can read the oid from the access token issued by Keycloak. I tried to achive this by using an “Identity Provider Mapper”. The documentation says it maps claims from ID, access token or the user profile endpoint. But the mapper only works with claims coming from the user profile endpoint. The claims in the access token are ignored. Did I missed something in the IdP config, or is this a bug? Is there a way to debug a mapper?

image

Thanks for your help in advance, if I can’t map this value we can’t use Keycloak for our application :frowning:!