How to get in keycloak a specific value from the openid connect (user info)?

Question

I'm trying to get the groups to which a user belongs, using the post man to make a request to http://mykeycloak/auth/realms/RealmX/protocol/openid-connect/userinfo with the Authorization header. If a do a get request I receve the json with sub, name and preferred_username this is ok. But when doing a post I get the error code 403. I just want to get the email.

POST /auth/realms/RealmX/protocol/openid-connect/userinfo HTTP/1.1 Host: mykeycloak Authorization: Bearer "atoken" claims: {"userinfo":{"email":null}}

What am I doing wrong?Already set up a mapper

score 0 · Answer 1 · answered Jun 21 '16 at 05:53

Keycloak and OpenID Connect are REST APIs, which means GET is used to fetch information, while PUT and POST are used to create and edit records.

In other words, doing a POST on userinfo implies you are attempting to update/edit the user's information. Reason for the 403 error is that POST is not allowed (i.e. no editing) via the userinfo endpoint.

How to get in keycloak a specific value from the openid connect (user info)?

1 Answers1