Need guidance on adding custom data claim to access token in Keycloak 26.4.0
35 views
Skip to first unread message
nainesh chovatiya
Oct 8, 2025, 2:59:06 AM (9 days ago) Oct 8
to Keycloak User
Hello Team,
We are working with Keycloak version 26.4.0 (OpenID Connect, confidential client).
I need to add a custom data claim inside the Keycloak access token.
Could someone guide which class or SPI we should override or extend to intercept token generation and inject custom claims?
Additionally, if there is a recommended way to achieve this using a Protocol Mapper or a specific Token SPI in the latest Keycloak version, kindly suggest that approach.
Thank you for your time and guidance,
Chovatiya Nainesh
Chovatiya Nainesh
Alexander Schwartz
Oct 9, 2025, 4:54:35 AM (7 days ago) Oct 9
to nainesh chovatiya, Keycloak User
Hi Nainesh,
This sounds like something that can be solved with an OIDC Protocol mapper.
When looking at the code base, have a look at classed that have AbstractOIDCProtocolMapper as a base class.
Maybe the FullNameMapper can be a good starting point to explore the concept.
Best,
Alexander
--
You received this message because you are subscribed to the Google Groups "Keycloak User" group.
To unsubscribe from this group and stop receiving emails from it, send an email to keycloak-use...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/keycloak-user/54d4eff8-00f1-4954-98a2-7d35b07cf01en%40googlegroups.com.
Alexander Schwartz, RHCE
He/Him
Principal Software Engineer, Keycloak Maintainer
IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Wolfgang Wendt
Geschäftsführung: David Faller
Sitz der Gesellschaft: Böblingen / Registergericht: Amtsgericht Stuttgart, HRB 243294
Reply all
Reply to author
Forward
0 new messages