Token Mapper To Request Value on Client Credentials flow

I am new to Keycloak. I am trying to set up a scenario with a client credentials flow. I have configured a client that has an access type of confidential. This then gives me a client secret to use during the post request to the token endpoint to acquire and access token. I am looking to submit with the http request body an additional data pair, for example (key=entityid, value=718). So the post request is:

curl --location --request POST ‘http://localhost:8080/auth/realms/testingrealm/protocol/openid-connect/token
–header ‘Content-Type: application/x-www-form-urlencoded’
–header ‘Content-Type: application/x-www-form-urlencoded’
–data-urlencode ‘grant_type=client_credentials’
–data-urlencode ‘client_id=myclient’
–data-urlencode ‘client_secret=f44e48ef-a405-47ca-b664-888888888888’
–data-urlencode ‘entityid=718’

I am trying to find out how I can set up a mapper to pass through the value for “entityid” and transform it to “companyid” with the value of “718” that was submitted in the post request. This would then be added as a attribute on the access token.

Let me know if this is configurable, or if I will need to do some custom coding.

Any assistance is appreciated. Thanks!

1 Like