Keycloak - how to set up audience - a matter of associating roles to the client
Let's say you want the token issued for your client to contain an "audience" hardcoded to a specific value. You can do that in Keycloak by setting up an Audience mapper under roles.
To do that, create your client; let's call it testspn. In your designated realm, go to "Roles". Then create a new role. Click on "Add mapper".
Then select "Audience". Please ensure that your existing client is not associated with any pre-existing role that has an audience mapper. If it is, remove that association, otherwise you will have conflicting audiences.
Then fill in the required details as shown here. As you may have noticed, I am trying to set up a federated client to access Azure resources.
And finally, associate the role with your client.
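To confirm the mapper took effect and that no second audience is leaking in from another mapper, decode a token issued for testspn and inspect its aud claim. This is an added example, not part of the original post; the expected audience value and both sample tokens are constructed placeholders, and the script only inspects the payload without verifying the signature.

```python
import base64
import json

def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def token_audiences(jwt: str) -> list:
    """Return the aud claim as a list. Inspection only: signature is NOT verified."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected three dot-separated segments")
    claims = json.loads(b64url_decode(parts[1]))
    aud = claims.get("aud", [])
    # RFC 7519 allows aud to be a single string or an array of strings.
    return [aud] if isinstance(aud, str) else list(aud)

def check_audience(jwt: str, expected: str) -> dict:
    """Report whether the token carries exactly the expected audience."""
    auds = token_audiences(jwt)
    extra = [a for a in auds if a != expected]
    return {
        "audiences": auds,
        "has_expected": expected in auds,
        "extra": extra,  # non-empty means another mapper is adding audiences
        "ok": expected in auds and not extra,
    }

def make_sample_token(claims: dict) -> str:
    # Constructed, unsigned sample token for offline demonstration only.
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.sig"

EXPECTED_AUD = "api://example-audience"  # placeholder; use the value set in your mapper

# Constructed payloads: one with only the hardcoded audience, one with a conflict.
GOOD = make_sample_token({"azp": "testspn", "aud": EXPECTED_AUD})
CONFLICT = make_sample_token({"azp": "testspn", "aud": [EXPECTED_AUD, "account"]})

if __name__ == "__main__":
    for name, tok in (("good", GOOD), ("conflict", CONFLICT)):
        print(name, check_audience(tok, EXPECTED_AUD))
```

With a real token, pass the access_token string from the token response to check_audience in place of the constructed samples.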