I’ve looked at how user data is represented in Keycloak and looks like attribute values are represented as an array of strings instead of just a single values. This is represented in the admin GUI by allowing repeated keys in user attributes.
However, looks like this isn’t supported with the user attribute mapper. When I add a mapper for a repeated key I only get the first value in my access token and I see a warning “KC-SERVICES0046: Multiple values found ‘[91921921921, 123456]’ for protocol mapper ‘cusno’ but expected just single value” in Keycloak’s log.
Is there some way to tell the attribute mapper to just pass the list instead of coercing it to a string? Do I need a custom attribute mapper?
I’m using Keycloak 20.0.3.