Keycloak: Pass custom user attributes on Social Identity Provider Login

Question

On registration, Keycloak provides the ability to add custom user attributes via the Keycloak theme's registration page template via "input" elements that look something like:

<input id="user.attributes.[the_custom_attribute]" name="user.attributes.[the_custom_attribute]" />

However, this only seems to work if the user creates an account and submits the form.

If the user were to login via a Social Identity Provider (google, microsoft, github, etc...) how do we go about adding custom user attributes?

Answer 1

If you are using Social Identity Provider to login into application then the customer_attribute won't be available to you.

But if you still want that attribute to be set for that user before he/she logs in, then you can add custom required action to implement this feature. You can create new RequiredCustomAttribute action and enable it from Admin console.

Implement your own required action, similar to that of org.keycloak.authentication.requiredactions.UpdateProfile class provided by keycloak. You can mark your customer_attribute as required in this new required action flow.

When you do all above things, next time when user logs in using Social Identity Provider, he/she will be asked to enter custom_attribute on next page.