Keycloak, openId-connect userInfo
If you have the client secret key, then you can get the user role info by passing that secret key.
Author: Dominik Koszkul
Updated on June 06, 2022
Comments
-
Dominik Koszkul over 1 year
I'm trying to get info about user roles using openId-connect endpoints of Keycloak. I'm using /auth/realms/moje/protocol/openid-connect/userinfo endpoint to get info about authenticated user. I'm able to get info about name, username, email etc. but I'm not able to force Keycloak to give me info about user roles.
I've read the OpenID documentation and I didn't find any info about how to get roles... I think that there must be a way to find out user roles... Maybe there is another endpoint... I can't find any info...
So finally my question is: Is there any way to get info about user roles using OpenID Connect endpoints?
-
peterh over 5 years
I did, client_secret will be ordinarily sent, and there is no change, role data is still missing from the userinfo response.
-
peterh over 5 years
Ok, I found it. In fact, the case is much more complex, these answers explain it in more detail. Simply passing the client_secret will probably not be enough!
-
AlexanderRS almost 2 years
It may be useful if you issue long time tokens for technical users. Roles that have been granted might be revoked but the JWT is still correct. user-info returns actual roles.
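
The last comment's point, that a long-lived JWT can still assert roles that have since been revoked while userinfo reflects the current ones, can be checked as in this added example (not part of the original thread). It assumes the realm is configured so that the userinfo response carries the same Keycloak-style `realm_access` and `resource_access` claims as the access token; the helper names and the sample token and response are constructed for illustration.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    """Decode an unpadded base64url JWT segment."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def jwt_claims(token: str) -> dict:
    """Return the payload claims WITHOUT verifying the signature.
    Diagnostic use only: authorization decisions must verify the token first."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected three dot-separated segments")
    return json.loads(b64url_decode(parts[1]))


def keycloak_roles(claims: dict) -> set:
    """Collect realm roles and per-client roles ("client:role") from the claims."""
    roles = set((claims.get("realm_access") or {}).get("roles", []))
    for client, access in (claims.get("resource_access") or {}).items():
        roles.update(f"{client}:{role}" for role in access.get("roles", []))
    return roles


def revoked_since_issue(token: str, userinfo: dict) -> set:
    """Roles the token still asserts but the live userinfo response no longer lists."""
    return keycloak_roles(jwt_claims(token)) - keycloak_roles(userinfo)


def _b64url(obj: dict) -> str:
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


# Constructed sample: token issued while the user still had the "admin" realm role.
SAMPLE_TOKEN = ".".join([
    _b64url({"alg": "RS256", "typ": "JWT"}),
    _b64url({"sub": "svc-report",
             "realm_access": {"roles": ["user", "admin"]},
             "resource_access": {"billing": {"roles": ["export"]}}}),
    "constructed-signature-placeholder",
])
# Constructed sample: userinfo response fetched after "admin" was revoked.
SAMPLE_USERINFO = {"sub": "svc-report",
                   "realm_access": {"roles": ["user"]},
                   "resource_access": {"billing": {"roles": ["export"]}}}

if __name__ == "__main__":
    print(sorted(revoked_since_issue(SAMPLE_TOKEN, SAMPLE_USERINFO)))
```

A non-empty result means the token is asserting privileges the user no longer holds, which is the case for re-checking roles at userinfo (or shortening token lifetime) rather than trusting the JWT alone.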