Unable to Retrieve gender and birthday from Google Identity Provider in Keycloak

Question

I'm using Keycloak with Google as an Identity Provider. While I can successfully retrieve the user's name, email, and profile picture, I am unable to fetch the gender and birthday attributes.

What I’ve Tried:

1. Added these scopes in Keycloak > Google Identity Provider > Advanced Settings:

   • https://www.googleapis.com/auth/user.gender.read

   • https://www.googleapis.com/auth/user.birthday.read

2. Created gender and birthday mappers inside the Google Identity Provider settings in Keycloak.

3. Added gender and birthday attributes in the User Profile under Realm Settings.

4. Tested with OAuth 2.0 Playground, and I can successfully retrieve both gender and birthday there.

Issue:

When using Keycloak’s login interface with Google, I only get the following attributes:

• Username

• Email

• First name

• Last name

• Profile picture

The gender and birthday are null.

What could be causing Keycloak to not retrieve these attributes, even though the scopes and mappers are correctly set up? Am I missing an additional configuration step in Keycloak?

Answer 1

Add a custom event listener to Keycloak. This makes a request to the People API (https://people.googleapis.com/v1/people/me?personFields=genders,birthdays) when the user uses sign in with google, retrieves values, and adds them to the user info. That worked for me.

Answer 2

Since your case is difficult to reproduce (especially without a detailed explanation of your exact setup), I can only make a guess.

Maybe birthday and gender info is set to Only you in your Google Account settings at https://myaccount.google.com/profile? When testing in the OAuth 2.0 Playground, you can see these details because you're accessing your own data, but this info may not be shared externally.