How to create a Script Mapper in Keycloak?

The magic of Script Mappers can be understood by looking at the keycloak sources here: Source

The script can return something by using the exports variable like this

exports = "Claim Value"

The different types:

Here is an example script:

// you can set standard fields in token
token.setAcr("test value");

// you can set claims in the token
token.getOtherClaims().put("claimName", "claim value");

// multi-valued claim (thanks to @ErwinRooijakkers)
token.getOtherClaims().put('foo',['bars'], "java.lang.String[]"))

// work with variables and return multivalued token value
var ArrayList = Java.type("java.util.ArrayList");
var roles = new ArrayList();
var client = keycloakSession.getContext().getClient();
var forEach = Array.prototype.forEach;, function(roleModel) {

exports = roles;

Hope it helps!

Leave a Comment