I could not explain how to add additional claims from my application database. Given my limited understanding, I see two ways:
- After successful keycloak authentication, pull the excess claims from the application database. For example, this application database is postgres.
- Ask the application to update jwt with additional requirements using a shared key.
I would like to receive feedback on both ways. I feel that the first option may be safer. However, I do not know where to start this journey.
source
share