How to set up Azure IDP in Keycloak with custom user attributes


I have a Keycloak server, and I have enabled Microsoft as an IDP and set it up in Azure. When we test, we are able to authenticate, but we don’t get the user attribute that we added to Azure (employeeID).

I can see the JSON-formatted attributes when I enable debug on “”. But it is not showing me the attribute “employeeID” that we have enabled in Azure and synced from Active Directory.

This shows up in the server log:
2020-10-22 15:01:48,831 DEBUG [] (default task-96) User Profile JSON Data for provider microsoft: {"@odata.context":"$metadata#users/$entity","businessPhones":["5xxxxxx"],"displayName":"Test User","givenName":"Test","jobTitle":null,"mail":"test@example","mobilePhone":"6xxxxxx","officeLocation":null,"preferredLanguage":null,"surname":"User","userPrincipalName":"test@example","id":"XXXXXXXXXXXXXXXXXXXX"}

I have changed the user info for obvious reasons.

Should I change my configuration to something other than “IDP: Microsoft”, which I found under Social? Should I use OIDC instead, and will that change anything?
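As an added illustration of where the attribute goes missing (this is example code written here, not the poster's configuration or Keycloak's own code): the profile JSON in the log has the shape of a Microsoft Graph `/me` response, and Graph returns only a default property set unless additional properties are requested with `$select`. The Graph property for the AD employee ID is spelled `employeeId`, not `employeeID`. The block below assumes that the social provider fetches `/me` without a `$select` (an assumption, inferred from the logged JSON) and shows a `$select` URL that would include `employeeId`, plus a mapping check that reports which requested properties the returned profile actually lacks. The sample profile is constructed to mirror the log line with placeholder values.

```python
import json

GRAPH_ME = "https://graph.microsoft.com/v1.0/me"

# Constructed sample: same shape as the profile JSON in the log above, values made up.
# Note that employeeId is absent, exactly as in the logged response.
SAMPLE_PROFILE = json.loads("""{
  "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users/$entity",
  "businessPhones": ["5000000"],
  "displayName": "Test User",
  "givenName": "Test",
  "jobTitle": null,
  "mail": "test@example",
  "mobilePhone": "6000000",
  "officeLocation": null,
  "preferredLanguage": null,
  "surname": "User",
  "userPrincipalName": "test@example",
  "id": "00000000-0000-0000-0000-000000000000"
}""")

# Properties Graph returns for /me by default (subset used here for the $select).
DEFAULT_PROPS = ["id", "displayName", "givenName", "surname", "mail", "userPrincipalName"]


def graph_me_url(extra_props):
    """Build a /me URL that explicitly selects the default properties plus extra_props.

    Graph omits non-default properties such as employeeId unless they are named in
    $select, so a plain GET /me (what the logged response looks like) never carries them.
    """
    props = DEFAULT_PROPS + [p for p in extra_props if p not in DEFAULT_PROPS]
    return f"{GRAPH_ME}?$select={','.join(props)}"


def extract_attributes(profile, mapping):
    """Map Graph properties onto Keycloak user attribute names.

    mapping: {keycloak_attribute_name: graph_property_name}
    Returns (attributes, missing) where `missing` lists the Graph properties that are
    absent or null in the profile, so a failed mapping is reported instead of silently
    producing an empty attribute.
    """
    attributes = {}
    missing = []
    for kc_attr, prop in mapping.items():
        value = profile.get(prop)
        if value is None:
            missing.append(prop)
        else:
            attributes[kc_attr] = value
    return attributes, missing


if __name__ == "__main__":
    wanted = {"employeeID": "employeeId", "email": "mail", "upn": "userPrincipalName"}
    attrs, missing = extract_attributes(SAMPLE_PROFILE, wanted)
    print("mapped:", attrs)
    print("missing from default /me response:", missing)
    print("URL that would include them:", graph_me_url(missing))
```

Running the block against the constructed profile reports `employeeId` as missing and prints a `/me?$select=...,employeeId` URL; if a profile fetched with that URL (or a provider that can be configured to request it) contains `employeeId`, the same mapping yields the `employeeID` attribute.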