I’d like to pass some static, temporary configuration value from a Keycloak OpenID Connect Identity Provider to my User Federation Provider, allowing to use it when adding and updating users logging in via the IDP.
While this works with a Hardcoded Attribute, the attribute is stored with the user in Keycloak’s local storage, which is unnecessary ballast.
So I’ve used a Hardcoded User Session Attribute instead and tried to get it from
session.getContext().getAuthenticationSession().getUserSessionNotes() in the User Federation Provider but the returned map is empty.
What am I doing wrong, and are there other ways to do it?