I have a Keycloak setup with one or more “Keycloak OpenID Connect” IDPs and a User Federation Provider.
For a user to be initially created in the User Federation Provider at initial login via one of the IDPs, I have implemented the method
UserRegistrationProvider#addUser(RealmModel realm, String username).
It works fine but all I have to add the user is the username. Is there a way to get more information contained in the access token issued by the IDP, i.e. the firstname and lastname, and the roles?