CCCHH/keycloak-attribute-endpoints-provider
0
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
A Keycloak provider to get users profile attributes via authenticated API endpoints.
17 commits 2 branches 0 tags 151 KiB
  • Java 100%
Find a file
kritzl 4471b077b1
 rename provider
2026-02-17 15:26:47 +01:00
attribute-endpoints-provider rename provider 2026-02-17 15:26:47 +01:00
.gitignore gitignore .DS_Store and .vscode 2025-10-31 19:35:32 +01:00
compose.yaml rename provider 2026-02-17 15:26:47 +01:00
README.md Attempt to use the UiPageProvider to configure endpoints 2026-02-17 13:17:42 +01:00
realm-export.json Attempt to use the UiPageProvider to configure endpoints 2026-02-17 13:17:42 +01:00
test.json Attempt to use the UiPageProvider to configure endpoints 2026-02-17 13:17:42 +01:00

README.md

What does this Keykloak Provider do?

Export an anonymized list of User-Attribute values. This provider will provide an api endpoit for every configured attribute-group. Multivalues attribues are not supported (yet).

Configuration in Keykloak

  • Client with Service-Account
    • Assigned roles allow access to attribute export
  • User profile Groups with attributes
{
    "endpoints": [
        {
            "slug": "myattribute",
            "attribute-group": "myattributes",
            "match-role": "myattribute-access",
            "auth-role": "myattribute-export",
            "attribute-regex": "^(?<key>(ssh-ed25519 AAAAC3NzaC1lZDI1NTE5|ssh-rsa AAAAB3NzaC1yc2)[0-9A-Za-z+/]+[=]{0,3})(\\s.*)?$",
        }
    ]
}

We recommend using a client with service-account, but you can also use a bot-account to authenticate against the provider.