I need to configure Keycloak so that it creates a JWT with claim "sub" populated with the username, instead of the default userId in sub.
It means that instead of this token:
{
  "jti": "b1384883-9b59-4788-b09f-98b40b7e3c3b",
  ...
  "sub": "fbdb4e4a-6e93-4b08-a1e7-0b7bd08520a6",
  "preferred_username": "m123456"
}
I need to receive:
{
  "jti": "b1384883-9b59-4788-b09f-98b40b7e3c3b",
  ...
  "sub": "m123456",
  "preferred_username": "m123456"
}
Could you please suggest how to do that?
I tried the username mapper, but it adds a second "sub" claim, and with that the JWT is not valid.
Or this way: with the User Property Mapper type.
{
  "id": "5d45fe41-83c6-4457-807b-5240ff7c09b9",
  "name": "UsernameInSubject",
  "protocol": "openid-connect",
  "protocolMapper": "oidc-usermodel-property-mapper",
  "consentRequired": false,
  "config": {
    "userinfo.token.claim": "true",
    "user.attribute": "username",
    "id.token.claim": "true",
    "access.token.claim": "true",
    "claim.name": "sub",
    "jsonType.label": "String"
  }
}
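A check for the duplicate "sub" problem described in the question, as an added example that is not part of the original posts: it decodes a token's payload without verifying the signature (diagnostic use only) and reports claim names that occur more than once. The helper names are hypothetical and the two sample tokens are constructed from the values in the question with a placeholder signature.

```python
import base64
import json


class _Pairs(list):
    """A decoded JSON object kept as ordered (name, value) pairs."""


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def inspect_subject(token: str) -> dict:
    """Report duplicate top-level claims and whether "sub" is the username."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWS with three segments")
    # A plain json.loads() keeps only the last duplicate key and hides the
    # problem, so keep every (name, value) pair instead of building a dict.
    pairs = json.loads(_b64url_decode(parts[1]), object_pairs_hook=_Pairs)
    if not isinstance(pairs, _Pairs):
        raise ValueError("JWT payload is not a JSON object")
    names = [name for name, _ in pairs]
    sub_values = [value for name, value in pairs if name == "sub"]
    username = next((v for n, v in pairs if n == "preferred_username"), None)
    return {
        "duplicate_claims": sorted({n for n in names if names.count(n) > 1}),
        "sub_values": sub_values,
        "sub_is_username": len(sub_values) == 1 and sub_values[0] == username,
    }


def _make_token(payload_json: str) -> str:
    # Constructed sample token: the signature segment is a placeholder.
    def enc(raw: bytes) -> str:
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    header = enc(b'{"alg":"RS256","typ":"JWT"}')
    return ".".join([header, enc(payload_json.encode()), "c2ln"])


# Constructed payloads using the values from the question.
DUPLICATE = _make_token(
    '{"sub":"fbdb4e4a-6e93-4b08-a1e7-0b7bd08520a6",'
    '"preferred_username":"m123456","sub":"m123456"}'
)
WANTED = _make_token('{"sub":"m123456","preferred_username":"m123456"}')
```

RFC 7519 requires claim names in a JWT to be unique, and a parser must either reject duplicates or keep only the last one, so a token with two "sub" members can be rejected by one consumer and read with a single value by another.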