Hello,
I have a Keycloak server and I have enabled Microsoft as an IDP and I have set it up in Azure. When we test we are able to authenticate but we don’t get the user attribute that we added to Azure (employeeID).
I can see the JSON-formatted attributes when I enable debug on “org.keycloak.social.user_profile_dump”. But it is not showing me the attribute “employeeID” that we have enabled in Azure and synced from Active Directory.
This shows up in the server log:
2020-10-22 15:01:48,831 DEBUG [org.keycloak.social.user_profile_dump] (default task-96) User Profile JSON Data for provider microsoft: {"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#users/$entity","businessPhones":["5xxxxxx"],"displayName":"Test User","givenName":"Test","jobTitle":null,"mail":"test@example","mobilePhone":"6xxxxxx","officeLocation":null,"preferredLanguage":null,"surname":"User","userPrincipalName":"test@example","id":"XXXXXXXXXXXXXXXXXXXX"}
I have changed the user info for obvious reasons.
Should I change my configuration to something other than “IDP: Microsoft”, which I found under Social? Should I use OIDC instead? Will that change anything?