How can I make Keycloak 16 log the access token, when using an Open-ID Connect identity provider? I need to see what claims the OIDC provider sends to Keycloak.
-1
- Keycloak 16 is EOL and no longer supported. – Paul Feb 16 '23 at 11:54
- "Questions should demonstrate reasonable business information technology management practices. Questions that relate to unsupported hardware or software platforms or unmaintained environments may not be suitable for Server Fault". Keycloak 16 is not merely some old number, it was built on Wildfly, and supported versions are built on Quarkus, in addition to other changes. Old versions of IAM tools seem to me clearly outside of "reasonable business information technology management practices." – Paul May 11 '23 at 12:18
1 Answer
1
You can enable token logging in the Keycloak server configuration. This will allow you to see the claims that the OIDC provider sends to Keycloak.
- Log in to the Keycloak administration console.
- Select the realm that you want to configure from the dropdown in the top left corner.
- Click on the "Server" tab in the left-hand menu.
- Click on the "Logging" tab in the sub-menu.
- Scroll down to the "Token" section and set the "Token JSON" logging level to "DEBUG".
- Click "Save" to save the changes.
After you have enabled token logging, you can inspect the Keycloak server logs to see the access token and the claims that were sent by the OIDC provider.
Note that enabling token logging may have security implications and should only be used for debugging and troubleshooting purposes.

Salim Aljayousi
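Once a token does show up in a log line, its claims still have to be decoded from base64url before they can be read. The following is an added example, not part of the answer above and not Keycloak code: it pulls JWT-shaped tokens out of a log line, decodes header and claims, and drops the signature so the output can be shared without exposing a usable bearer token. The log format, logger name, claim values and all function names are constructed for illustration.

```python
import base64
import json
import re

# JWT shape: three base64url segments; a JSON header always encodes to "eyJ...".
JWT_RE = re.compile(r"\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*")


def b64url_json(segment):
    """Decode one base64url segment (padding restored) into a JSON object."""
    raw = base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))
    obj = json.loads(raw)
    if not isinstance(obj, dict):
        raise ValueError("segment is not a JSON object")
    return obj


def claims_from_log_line(line):
    """Return [(header, claims, redacted_token)] for every JWT found in line."""
    # Debugging aid only: signatures are not verified, so never base an
    # authorization decision on the claims returned here.
    found = []
    for match in JWT_RE.finditer(line):
        header_b64, payload_b64, _sig = match.group(0).split(".")
        try:
            header, claims = b64url_json(header_b64), b64url_json(payload_b64)
        except ValueError:  # bad base64, bad UTF-8 or bad JSON: not a JWT
            continue
        # Drop the signature so pasted output is not a usable bearer token.
        found.append((header, claims, f"{header_b64}.{payload_b64}.<removed>"))
    return found


def make_sample_token(claims):
    """Build a constructed, JWT-shaped string with a dummy signature."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "ZHVtbXk"])


# Constructed sample data; the log format and logger name are hypothetical.
SAMPLE_CLAIMS = {"iss": "https://idp.example", "sub": "alice", "groups": ["ops"]}
SAMPLE_LINE = ("DEBUG [hypothetical.logger] token response: access_token="
               + make_sample_token(SAMPLE_CLAIMS) + " token_type=Bearer")
# An access token is not required to be a JWT; opaque ones produce no result.
OPAQUE_LINE = "DEBUG [hypothetical.logger] access_token=8xLOxBtZp8 token_type=Bearer"

if __name__ == "__main__":
    for header, claims, redacted in claims_from_log_line(SAMPLE_LINE):
        print(header["alg"], json.dumps(claims, indent=2), redacted, sep="\n")
```

If the upstream provider issues opaque access tokens, the claims Keycloak receives are in the ID token or the userinfo response instead, and those are what need to be captured.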