When I'm requesting a token from keycloak I want a specific header value (or extra form data) that was supplied in the request to be put in the JWT payload of the generated token. I've tried using a Script Mapper to get access to header values but I can't see how to get access to header values or data in the form data sent in any of the available script variables: user, realm, userSession, keyclockSession.
Asked
Active
Viewed 4,553 times
4
Shane Rowatt
- 1,951
- 3
- 27
- 44
1 Answers
6
You can get access to request headers using keycloakSession object, something like
keycloakSession.getContext().getRequestHeaders().getRequestHeader("User-Agent")
If you check the code for DefaultEvaluationContext class, that is how they add the User-Agent header.
Tatha
- 1,253
- 2
- 24
- 42
-
For mobile app can we use this to retreive device_id , device_model , etc to insert as claim? – Panup Pong Aug 26 '19 at 09:53
-
This is working for Basic Auth, for Oauth2 when I set clientId secret I am getting empty array for getRequestHeader. Not sure if there is any other way to get request headers. – MathGuy Sep 18 '19 at 03:31
-
It worked perfectly for me, using OIDC Confidential with client_id and secret and a custom http header. Thank you! – Dennis Meissel Feb 25 '22 at 13:34
-
so it seems that a custom mapper needs to be written in order to implement this functionality, right? – Kostia Shiian Aug 13 '22 at 12:31