Reputation: 21
As in the title, does anybody know how to get the object id of the user in an OIDC identity provider using Keycloak?
I cannot figure out a way to add a custom mapper to get the user object id (as on the screenshot) when authenticating against Azure Active Directory - when the token (KeycloakAuthenticationToken) is populated to the REST API, it does contain the principal property from Keycloak, not Azure Active Directory.
Azure identifier:
I have successfully created a mapper for the groups, using this answer: https://stackoverflow.com/a/64411029/14320246
However, they are available as additional attributes, as in the screenshot "Additional attributes", but that is acceptable behaviour for the oid param as well.
Upvotes: 2
Views: 1747
Reputation: 21
You should use the 'oid' claim in your mapper. But you have to change the default scope at Identity provider -> provider name -> Settings -> Default Scopes to "openid profile".
Upvotes: 2
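With the mapper from the answer in place, the REST API can read the object id from the additional claims of the `KeycloakAuthenticationToken` mentioned in the question. This is an added example, not code from either post; the class name `AzureObjectId` is hypothetical, and it assumes a client protocol mapper emits the brokered attribute into the access token under the claim name `oid`.

```java
import java.util.Collection;
import java.util.Map;
import java.util.Optional;
import java.util.UUID;

import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
import org.keycloak.representations.AccessToken;

/** Reads the Azure AD object id that Keycloak copied into the access token. */
public final class AzureObjectId {

    // Assumption: a client protocol mapper emits the brokered user attribute
    // under this token claim name; adjust it to match your own mapper.
    private static final String CLAIM = "oid";

    private AzureObjectId() {
    }

    public static Optional<UUID> from(KeycloakAuthenticationToken authentication) {
        AccessToken token = authentication.getAccount()
                .getKeycloakSecurityContext()
                .getToken();
        // Claims that are not standard token fields land in the "other claims" map.
        return fromClaims(token.getOtherClaims());
    }

    static Optional<UUID> fromClaims(Map<String, Object> claims) {
        Object raw = claims.get(CLAIM);
        // Keycloak user attributes can be multivalued, so the claim may arrive
        // as a list; accept it only when it holds exactly one value.
        if (raw instanceof Collection) {
            Collection<?> values = (Collection<?>) raw;
            raw = values.size() == 1 ? values.iterator().next() : null;
        }
        if (!(raw instanceof String)) {
            return Optional.empty();
        }
        try {
            // Azure AD object ids are GUIDs; drop values that do not parse as one.
            return Optional.of(UUID.fromString((String) raw));
        } catch (IllegalArgumentException e) {
            return Optional.empty();
        }
    }
}
```

An empty result means the claim never reached the token, so the caller should refuse the request instead of falling back to the Keycloak principal name as the user key.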