I have configured a user my_user who belongs to my_group in Keycloak 4.8.3. I have then obtained an id token for it with grant type Resource Owner Password Credentials (ROPC). When I inspect the issued id token with a tool such as jwt.io I can see that the user's id and name are included as JWT claims sub and preferred_username respectively.
But where does group membership show up inside the JWT?
You need to create a mapper. In the Keycloak Admin Console, go to Clients, choose your client, open the "Mappers" tab, and click Create in the header of the grid. In the Mapper Type combo, choose Group Membership and fill in the other data (Name, Token Claim Name).
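Once the mapper exists, the new claim can be checked the same way the question inspects the token with jwt.io. The following is an added example, not part of the original answer; it assumes the Token Claim Name was set to `groups` and runs on a constructed sample token with a dummy signature:

```python
import base64
import json

CLAIM_NAME = "groups"  # assumption: the value entered as Token Claim Name


def _b64url_decode(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def decode_payload(token):
    """Return the claims of a compact JWT WITHOUT verifying its signature.

    This is inspection only, like pasting the token into jwt.io. Verify the
    signature against the realm's keys before acting on any claim.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    claims = json.loads(_b64url_decode(parts[1]))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims


def group_names(claims, claim_name=CLAIM_NAME):
    """Return the mapped group list, or [] when the mapper added no claim."""
    value = claims.get(claim_name, [])
    if not isinstance(value, list) or not all(isinstance(g, str) for g in value):
        raise ValueError(f"claim {claim_name!r} is not a list of strings")
    # Entries are paths such as "/my_group" when the mapper's
    # "Full group path" option is on, plain names otherwise.
    return value


def make_sample_token(claims):
    """Build a constructed token for the demo; its signature is a dummy."""
    header = {"alg": "RS256", "typ": "JWT"}
    body = [json.dumps(header).encode(), json.dumps(claims).encode()]
    return ".".join([_b64url_encode(b) for b in body] + ["constructed"])


if __name__ == "__main__":
    sample = {"sub": "constructed-sub", "preferred_username": "my_user",
              "groups": ["/my_group"]}
    print(group_names(decode_payload(make_sample_token(sample))))
```

An empty list from `group_names` on a real token means the mapper is missing on that client or was saved under a different claim name.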