I would like to know if there is a way to store "custom" information in my JWT token.

Right now I have a REALM created in Keycloak, then when I login against Keycloak, I get my access_token. If I decode my access_token, (from jwt.io) I obtain information like:

{
  "exp": 1656952366,
  "iat": 1656916366,
  "jti": "be89285a-dce9-4860-9849-396044b34578",
  "iss": "https://dev.domain.com/auth/realms/miREALM",
  "aud": "account",
  "sub": "95fa9b26-0fc8-48ac-820e-71cb70183c6b",
  "typ": "Bearer",
  "azp": "MyProject",
  "session_state": "ceb61406-as9c-47f4-1461-43a63ebf939d",
  "acr": "1",
  "realm_access": {
    "roles": [
      "default-roles-myproduct-myproject",
      "offline_access",
      "uma_authorization"
    ]
  },
  "resource_access": {
    "MyProject": {
      "roles": [
        "admin"
      ]
    },
    "account": {
      "roles": [
        "manage-account",
        "manage-account-links",
        "view-profile"
      ]
    }
  },
  "scope": "openid mapPermissions profile email",
  "realm-management": {},
  "email_verified": false,
  "security-admin-console": {},
  "MyPRoject": {},
  "preferred_username": "[email protected]",
  "account-console": {},
  "given_name": "Mark",
  "broker": {},
  "name": "Mark",
  "admin-cli": {},
  "family_name": "Mark",
  "email": "[email protected]",
  "account": {}
}

I would like to know if there is any way to create some node with custom information. For example, I would like to be able to save the address where the user lives, so I don't have to access my database to retrieve it.

CodePudding user response：

You can add a mapper to the client/client scope. There are different types that you can use. In your case "User Attribute" will be the best choise.