2

As said in the title, I want to retrieve the user session notes that I set during user authentication using this Admin Rest API endpoint: GET /admin/realms/{realm}/users/{id}/sessions.

I have successfully created a custom authenticator as suggested in this question and following the documentation

In my custom authenticator i set the user session notes i want

    @Override
    public void authenticate(AuthenticationFlowContext context) {

         context.getAuthenticationSession().setUserSessionNote("key", "value");
         
         context.success();
    }

But I cant see them using the Admin Rest API endpoint.

I was even able to map these session notes to a claim in my access tokens (and I can see the session notes in the token claims). But i dont need them in the token, i need to read them from the endpoint.

Is that supposed to work? Am I missing something?

peltren
  • 53
  • 1
  • 5

1 Answers1

0

I am still not sure if it is expected that this endpoint:

GET /admin/realms/{realm}/users/{id}/sessions

in the Admin REST API should return the user's session notes.

So I ended up adding a custom REST endpoint that returns a UserSessionModel which includes the user's session notes:

public class UserSessionProvider implements RealmResourceProvider {

    private final KeycloakSession session;

    public UserSessionProvider(KeycloakSession session) {
        this.session = session;
    }

    @GET()
    @Path("/{userId}")
    @Produces(MediaType.APPLICATION_JSON)
    public Response get(@PathParam("userId") String userId) {
    
        RealmModel realm = session.getContext().getRealm();
        UserModel user = session.users().getUserById(realm, userId);

        List<UserSessionModel> sessions = session.sessions().getUserSessionsStream(realm, user).toList();
    
        return Response.ok(sessions).build();
    }

}

If anybody knows about a better approach for this, I'd be grateful!

Cheers!

peltren
  • 53
  • 1
  • 5