Extract payload data from the received access token and store in Keycloak

chriscurrie · October 30, 2021, 8:06pm

Hi, I have information in an OIDC provider’s payload that I need to store and reference from within Keycloak. Currently, I’m losing this information as the token that is returned to the application is from Keycloak and not the OIDC IDP.

How could I pull out the ‘vot’ (vectors of trust) within the IDP’s payload, store them in Keycloak against the user and also return them within the token returned from Keycloak? Ideally this needs to happen immediately after the login is successful with the IDP and the token is received into Keycloak.

Thanks.

Here’s an example of the Payload data within the body of the token. I’d wish to obtain the “vot” data.

{
   "iss": "https://auth.login.nhs.uk/",
   "vot": "P5.Cp.Cd",
   "vtm": "https://auth.login.nhs.uk/trustmark/login.nhs.uk"}

Thanks.

chriscurrie · October 30, 2021, 9:53pm

This turned out to be trivial.

I just needed to select my identity provider and create an attribute mapper.

Then, the attribute appeared within ‘attributes’ setting for that newly created user.

chriscurrie · October 30, 2021, 9:53pm

Topic		Replies	Views
Getting user info from remote IDP Getting advice oidc	9	3228	June 19, 2021
Fetch Identity Provider token in protocol mapper Extending the server identity-brokering , oidc	1	419	January 12, 2023
Creating an Identity Provider Mapper	1	1108	March 13, 2023
OIDC in Identity Provider Token retrieve oidc	0	82	February 14, 2024
How to populate IDToken attributes? Getting advice	0	308	February 16, 2021

Extract payload data from the received access token and store in Keycloak

Related Topics