Hello,
I’ve upgraded from Keycloak 15 to 21 and while I got most things working, it seems like one of the protocol mappers I had, which relied on a script, has stopped working…
This is my (old) working config (from the realm):
{
"id": "54bc90bb-6ca5-4a91-aea6-2e864491cfc0",
"name": "originalid-subject-mapper",
"protocol": "openid-connect",
"protocolMapper": "oidc-script-based-protocol-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "sub",
"jsonType.label": "String",
"script": "token.setSubject(user.getFirstAttribute(\"originalId\"));"
}
}
However, while I don’t see any errors or warnings in the logs, it seems like this isn’t working and instead I get the sub
as a UUID (which I don’t want).
I have the following features config on Keycloak: - KC_FEATURES=admin_fine_grained_authz,token_exchange,scripts
So, how do I get this working again in Keycloak 21?