mrparkers / terraform-provider-keycloak

Terraform provider for Keycloak
https://registry.terraform.io/providers/mrparkers/keycloak/latest/docs
MIT License

Where to find information for a specific generic_protocol mapper #811

Closed danielr1996 closed 1 year ago

danielr1996 commented 1 year ago

I tried using the "User Attribute" Mapper with the keycloak_generic_protocol_mapper and the following code:

resource "keycloak_generic_protocol_mapper" "attribute_mapper" {
  realm_id        = keycloak_realm.realm.id
  client_scope_id = keycloak_openid_client_scope.clientscope.id
  name            = "accountId"
  protocol        = "openid-connect"
  protocol_mapper = "oidc-usermodel-attribute-mapper"
  config = {
    "user.attribute" : "accountId"
    "tokenClaimName" : "accountId"
  }
}

Setting the User Attribute field with the user.attribute config worked; however, I'm stuck setting the Token Claim Name and Claim JSON Type since I don't know the config values.

What is a user supposed to do to obtain this information?

zivcex commented 1 year ago

I think you can see the keys here: org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper#createClaimMapper(java.lang.String, java.lang.String, java.lang.String, java.lang.String, boolean, boolean, boolean, java.lang.String)

You can find the code on GitHub or in forks: https://github.com/carlosthe19916/repeidtest/blob/7e956f55ee30cf7d4e9086d6760246773dfb044d/manager/services/src/main/java/org/keycloak/protocol/oidc/mappers/OIDCAttributeMapperHelper.java#L39

danielr1996 commented 1 year ago

Thanks @zivcex, that worked. In particular, the keys were claim.name for the name of the attribute in the token and jsonType.label for the JSON type. Still a bit confusing, but at least one has a list of all the allowed properties and can try every one out.
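
The resource from the question with the keys named in the last comment, as an added example that is not part of the original thread or the provider's documentation. The value "String" and the three `*.token.claim` keys are assumptions taken from Keycloak's OIDCAttributeMapperHelper, not from this thread; they are set explicitly so the attribute is released only in the token type that needs it.

```hcl
# Added example. keycloak_realm.realm and
# keycloak_openid_client_scope.clientscope are the references used in the
# question and are assumed to be defined elsewhere in the configuration.
resource "keycloak_generic_protocol_mapper" "attribute_mapper" {
  realm_id        = keycloak_realm.realm.id
  client_scope_id = keycloak_openid_client_scope.clientscope.id
  name            = "accountId"
  protocol        = "openid-connect"
  protocol_mapper = "oidc-usermodel-attribute-mapper"

  # Every value in this map is a string, including the boolean flags.
  config = {
    # "User Attribute" field: the user attribute to read.
    "user.attribute" = "accountId"

    # "Token Claim Name" field: replaces the question's "tokenClaimName".
    "claim.name" = "accountId"

    # "Claim JSON Type" field. "String" is an assumed value; the thread
    # names the key only.
    "jsonType.label" = "String"

    # Assumption (keys not mentioned in the thread): state per token type
    # whether the claim is included, instead of relying on defaults.
    "id.token.claim"       = "false"
    "access.token.claim"   = "true"
    "userinfo.token.claim" = "false"
  }
}
```

After applying, decode a token issued for a client that uses this scope and confirm that accountId appears in the access token only.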