Closed GodMod closed 2 years ago
Is it difficult to add custom claims in Keycloak? If it's easy to add custom claims, then I hesitate to add more code to this plugin.
This can be solved by a keycloak client scope mapper with a custom script:
Script:
/**
* Available variables:
* user - the current user
* realm - the current realm
* token - the current token
* userSession - the current userSession
* keycloakSession - the current keycloakSession
*/
var client = keycloakSession.getContext().getClient();
var role = realm.getRole("admin");
exports = user.hasRole(role);
Perfect, thank you @Marmelatze
IDPs like Keycloak provide a "roles" claim, like this:
It would be great if we can define that when user has role "etherpad_admin", that the user flag "is_admin" is set. Currently, only checking if specific claims are set is possible.