Hi,
I have noted that it’s possible to map attributes from groups, roles and users into a JWT. However since keycloak doesn’t (from what I can see) store a last login time, how can I find this and then map it into the JWT?
Kind Regards,
One way you could possibly solve this is by creating a custom event listener and on a successful login event store or update an attribute in the user. You can map the user attribute in the token.
An example of setting a user attribute in an event listener can be found on https://github.com/zonaut/keycloak-extensions/tree/master/spi-event-listener
There could be an easier way but not one I know of. Maybe somebody else can chip in.