
I am using Keycloak to connect to an external Identity Provider via OIDC.

Step 1: I created standard "Attribute Importer" mappers to retrieve attributes using the claims supported by the IDP.

Examples of simple mappings:

  • Name of my attribute in Keycloak : lastName
  • Claim returned by the IDP : name

-> Easy, that works.

Step 2: I need to perform a more complex mapping. That's where I need help.

The IDP has added nested arrays to the userInfo that I have to parse. From this parsing, I need to retrieve multiple values and return them to the client through the Keycloak JWT token.

In a nutshell, what I need to do:

  • in the userInfo returned by the IDP, I get nested arrays such as:
"claim": { // the claim
        "id": 1,
        "arrayOfAttributes": {
            "attribute1": XX,
            "attribute2": [
                {
                    "attributeIWant1": 12,
                    "dateXX": "2023-01-01",
                    "attributeYY": XXX
                }
            ],
            "attribute3": [
                {
                    "attributeIWant2": 13,
                    "dateXX": "2023-01-01",
                    "attributeYY": XXX
                }
            ],
            "attribute4": [
                {
                    "attributeIWant3": 14,
                    "dateXX": "2023-01-01",
                    "attributeYY": XXX
                }
            ]
        }
}
  • I would like to retrieve the values from attributeIWant1, attributeIWant2 and attributeIWant3
  • map these values to a multi-valued attribute in Keycloak (I read that the delimiter should be "##" but I am not sure),
  • and have this multi-valued attribute returned in the JWT token to the client.

-> Can you please guide me to the best/simplest solution? Can I do that using the UI? Or do I need to code a custom mapping?

Thanks for your help,

Mir
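
The extraction described in the question, as an added example that is not part of the original post and is not Keycloak code: it walks a constructed userInfo payload in the shape shown above and returns the wanted values as a list of strings, dropping anything that is missing or of an unexpected type, since the payload comes from an external IDP. The function name `extractMultiValued`, the `maxValues` cap and the integer-only check are assumptions of this example.

```javascript
// Constructed userInfo in the shape from the question; the XX/XXX
// placeholders in the post are replaced with constructed values.
const sampleUserInfo = JSON.stringify({
  claim: {
    id: 1,
    arrayOfAttributes: {
      attribute1: "constructed",
      attribute2: [{ attributeIWant1: 12, dateXX: "2023-01-01", attributeYY: "constructed" }],
      attribute3: [{ attributeIWant2: 13, dateXX: "2023-01-01", attributeYY: "constructed" }],
      attribute4: [{ attributeIWant3: 14, dateXX: "2023-01-01", attributeYY: "constructed" }],
    },
  },
});

// Array name -> wanted field inside its entries (names from the question).
const WANTED = {
  attribute2: "attributeIWant1",
  attribute3: "attributeIWant2",
  attribute4: "attributeIWant3",
};

// Returns the wanted values as a list of strings, one entry per value.
// Assumption: wanted values are integers, as in the question's sample.
function extractMultiValued(userInfoJson, maxValues = 32) {
  let doc;
  try {
    doc = JSON.parse(userInfoJson);
  } catch {
    return []; // not JSON: contribute nothing to the attribute
  }
  const attrs = doc?.claim?.arrayOfAttributes;
  if (attrs === null || typeof attrs !== "object" || Array.isArray(attrs)) return [];
  const values = [];
  for (const [arrayName, field] of Object.entries(WANTED)) {
    const entries = attrs[arrayName];
    if (!Array.isArray(entries)) continue; // IDP sent a scalar or omitted it
    for (const entry of entries) {
      if (entry === null || typeof entry !== "object") continue;
      const v = Object.prototype.hasOwnProperty.call(entry, field) ? entry[field] : undefined;
      if (!Number.isSafeInteger(v)) continue; // drop strings, floats, objects
      if (values.length >= maxValues) return values; // bound the attribute size
      values.push(String(v));
    }
  }
  return values;
}

console.log(extractMultiValued(sampleUserInfo));
```
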