New clients do not have built-in mappers but they can inherit some mappers from client scopes. See the <<_client_scopes, client scopes section>> for more details.
Protocol mappers map items (such as an email address, for example) to
a specific claim in the identity and access token. The function of a mapper should be self explanatory from its name. You can add pre-configured mappers by clicking the *Add Builtin* button.
Each mapper has a set of common settings. There are additional settings available, depending on the mapper type. Click the *Edit* button next to a mapper to access the configuration screen to adjust these settings.
Many OIDC mappers allow you to control where the claim gets placed. You can opt to include or exclude the claim from the _id_ and _access_ tokens by adjusting the *Add to ID token* and *Add to access token* switches.
Mapper implementations have _priority order_. _Priority order_ is not the configuration property of the mapper. It is the property of the concrete implementation of the mapper.
Mappers are sorted by the order in the list of mappers. The changes in the token or assertion are applied in that order with the lowest applying first. This means that implementations that are dependent on other
implementations are processed in the necessary order.
For example, to compute the roles which will be included with a token:
. Resolve audiences based on those roles.
. Process a JavaScript script that uses the roles and audiences already available in the token.
User session details are defined using mappers and are automatically included when you use or enable a feature on a client. You can click the *Add builtin* button to include session details.
The *Script Mapper* allows you to map claims to tokens by running user-defined JavaScript code. For more details about deploying scripts to the server, see link:{developerguide_jsproviders_link}[{developerguide_jsproviders_name}].