Keycloak - Client Roles - Retrieve custom attributes
I have created a client role as special_agent and have added two attributes as approve_leave and raise_leave.
I'm using the Javascript adapter and am able to login successfully on my website. I'm also able to receive the client role that I have assigned to the user. I, however, want to get the custom attributes specified in the client role. Below is the result of the keycloak.tokenParsed
Is there a way to retrieve client role attributes? I looked for the Mappers in the Client settings, but couldn't figure out the details.
You can get the Client's role and attribute by API call. GET /{realm}/clients/{id}/roles/{role-name}
Example for)
There are a couple of requirements.
#1 User(agency_user) should assigned two roles(manage-realm, view-clients) in Keyclaok UI
#2 get access token by API and save into Postman variable
http://127.0.0.1:8080/auth/realms/test/protocol/openid-connect/token
Client id & secret get from Keyclaok UI as attached
#3 You should know the client ID by GET client API using #1 access token
http://127.0.0.1:8080/auth/admin/realms/test/clients
More detail information, Good Luck! https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_roles_resource
- Use Keycloak Spring Adapter with Spring Boot 3
- KeyCloak - How to add Role's attribute into a user JWT (Access Token)?
- Keycloak - Client Roles - Retrieve custom attributes
- Configure Keycloak OTP via Administration REST API
- Blazor Hosted WebAssembly with Keycloak and Basic Authentication Issue
- KeyCloak Integration with Azure B2C UserName Mapping Issue
- Keycloak: Not able to load admin GUI/console
- Keycloak retrieve custom attributes to KeycloakPrincipal
- Keycloak SSL setup using docker image
- How to change keycloak jvm arguments via CLI in standalone configuration
- Logout from next-auth with keycloak provider not works
- Cannot find module 'keycloak-js/authz' while import with TypeScript
- How to bypass keycloak login page and provide client suggested idp with spring security
- Keycloak Custom message on user temporary lock
- Angular - Spring Boot - Keycloak - 401 Error
- Spring Security + Keycloak (with self signed certs) - How do you disable hostname verification?
- Keycloak, not returning access token if update password action selected
- Keycloack Custom Identity provider
- Keycloak lost admin password
- How to make keycloak sessions survive server restarts or upgrades?
- How can I authenticate using the token exchange grant type for impersonation with spring boot and keycloak?
- Keycloak Realm VS Keycloak Client
- retrieve google refresh token in keycloak
- Request header field sentry-trace is not allowed by Access-Control-Allow-Headers in preflight response
- What's the relationship between Keycloak SSO Session Idle Time and Spring Session Timeout?
- Keycloak and Spring Boot web app in dockerized environment
- NuxtJS + keycloak-js: frontend doesn't render the correct value
- Keycloak admin console loading indefinitely
- Keycloak SPI to update password with condition
- Keycloak Kafka - issue with Producer