Mappers with token exchange do not saves custom attributes


Social login using token exchange does not save attributes when the login is made using the following post request:


client_id: web_app
client_secret: ****
grant_type: urn:ietf:params:oauth:grant-type:token-exchange
subject_token: github_user_token
subject_issuer: github

It saves the attributes correspondingly when the login is made from the browser accessing the: /auth/realms/{realmName}/account/applications

Am I missing something?


1 Like

Hi, can I ask if you managed to solve this issue?

I’m facing same problem on jboss/keycloak:10.0.2

Unfortunately, I couldn’t find a working solution using KeyCloak API.

I used Firebase authentication with a middleware filter that verifies, if token is valid create a new user or get the existing user from database, if not throw invalid credentials.

If you use Spring Boot you can find a working solution at

Thanks man, appreciate your response.

1 Like

we solved it by writng custom mappers (keycloak spi)

Hi, @kkcmadhu !

Can you provide a code example?