Fetch Logged In Username in a webapp secured with Keycloak

Question

I have secured an enterprise application with Keycloak using standard wildfly based Keycloak adapters. Issue that I am facing is that the rest web services when invoked, nee

Answer 1

In Keycloak 3.4.3 (may also work on earlier versions) I was able to map username to the sub token claim name. From the Keycloak admin interface this is done under Clients > [your-client] > Mappers > username and then enter sub in the Token Claim Name field. This has the advantage of actually changing the contents of the ID token returned by Keycloak rather than adjusting client-side as in the other answer. This is particularly nice when you're using a standard OpenID Connect library rather than an adapter provided by Keycloak.