Map "sub" to different claim for openid-userinfo

Hey
I currently have an application that performs a call to the openid-userinfo endpoint.
This application expects the user ID to be under the “id” claim. However, Keycloak returns it under the “sub” claim.
Is there any way to ‘remap’ the sub claim to id?

For reference, I’m using KC v24, so it’s not possible to use a custom JS claim, as it was removed at around v18.

Thanks in advance!

Uploading a script with the admin REST API und storing it in the DB was removed. Adding a script provider as jar file is still possible with no problems:
https://www.keycloak.org/docs/latest/server_development/index.html#openid-connect-protocol-mapper
Within the script:

token.setOtherClaims("id", user.id);

should do it.

1 Like