We have a Keycloak instance that we proxy to from our app (mobile/desktop). We use Google idp to authenticate users, then we map their profile with some some specific internal data that we add into the token (userId for instance mapped in the client to each user) . As of yesterday, everything was working fine, and the token received from Keycloak was including the mapped values. Since this morning, some users aren’t able to log in because their tokens don’t include any of the mapped values. It only contains the google account’s ID as the preferred_username value . We are not able to find out what would have caused this change. Any ideas?