Keycloak, openId-connect userInfo


If you have the client secret key, then you can get the user role info by passing that secret key.

Author: Dominik Koszkul

Updated on June 06, 2022

Comments

  • Dominik Koszkul over 1 year

    I'm trying to get info about user roles using the openId-connect endpoints of Keycloak. I'm using the /auth/realms/moje/protocol/openid-connect/userinfo endpoint to get info about the authenticated user. I'm able to get info about name, username, email etc., but I'm not able to force Keycloak to give me info about user roles.

    I've read the openID documentation and I didn't find any info about how to get roles... I think that there must be a way to find out user roles... Maybe there is another endpoint... I can't find any info...

    So finally my question is: Is there any way to get info about user roles using openID connect endpoints?

  • peterh over 5 years
    I did; client_secret is sent as usual, and there is no change: role data is still missing from the userinfo response.
  • peterh over 5 years
    OK, I found it. In fact, the case is much more complex; these answers explain it in more detail. Simply passing the client_secret will probably not be enough!
  • AlexanderRS almost 2 years
    It may be useful if you issue long-time tokens for technical users. Roles that have been granted might be revoked, but the JWT is still correct. user-info returns the actual roles.
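
The situation in the last comment, as an added example that is not part of the original thread: a long-lived JWT keeps the roles it was issued with, so comparing them with a fresh userinfo response shows which roles have since been revoked. It assumes roles appear as `realm_access.roles` in both the token and the userinfo response (that depends on the realm's mapper configuration), that the token's signature has already been verified, and it uses constructed sample data.

```python
import base64
import json


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def jwt_claims(token: str) -> dict:
    """Decode a compact JWT's payload. Does NOT verify the signature:
    call this only after the token has passed signature validation."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))


def realm_roles(claims: dict) -> set:
    # Assumption: roles are exposed as realm_access.roles in both documents;
    # whether userinfo carries them depends on the realm's mapper settings.
    return set((claims.get("realm_access") or {}).get("roles") or [])


def role_drift(token: str, userinfo: dict) -> dict:
    """Compare roles frozen into the token with those userinfo reports now."""
    claims = jwt_claims(token)
    # OIDC Core 5.3.2: the userinfo "sub" must match the token's "sub".
    if claims.get("sub") != userinfo.get("sub"):
        raise ValueError("userinfo sub does not match token sub")
    in_token, current = realm_roles(claims), realm_roles(userinfo)
    return {
        "revoked": sorted(in_token - current),  # still in the JWT, no longer held
        "granted": sorted(current - in_token),  # held now, absent from the JWT
    }


# Constructed sample data (not captured from a real Keycloak server).
_header = _b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
_payload = _b64url(json.dumps({
    "sub": "constructed-user-id",
    "realm_access": {"roles": ["admin", "reporting"]},
}).encode())
SAMPLE_TOKEN = f"{_header}.{_payload}.constructed-signature"
SAMPLE_USERINFO = {
    "sub": "constructed-user-id",
    "realm_access": {"roles": ["reporting", "auditor"]},
}

if __name__ == "__main__":
    print(role_drift(SAMPLE_TOKEN, SAMPLE_USERINFO))
```

A non-empty `revoked` list means the token still asserts a role the server no longer reports, which is the case the comment warns about for long-lived tokens.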