From 7b6546d9e5e0e2862965f54e05a3b576de249f28 Mon Sep 17 00:00:00 2001 From: mposolda Date: Fri, 2 Dec 2016 11:19:45 +0100 Subject: [PATCH] KEYCLOAK-3689 Update identityProvider docs about session data --- topics/identity-broker/session-data.adoc | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/topics/identity-broker/session-data.adoc b/topics/identity-broker/session-data.adoc index 72c3a65325..c4a7d6b28a 100644 --- a/topics/identity-broker/session-data.adoc +++ b/topics/identity-broker/session-data.adoc @@ -4,8 +4,12 @@ After a user logs in from the external IDP, there's some additional user session note data that {{book.project.name}} stores that you can access. This data can be propagated to the client requesting a login via the token or SAML assertion being passed back to it by using an appropriate client mapper. -BROKER_PROVIDER_ID:: +identity_provider:: This is the IDP alias of the broker used to perform the login. -You can use a <> to propagate this information to your clients. +identity_provider_identity:: + This is the IDP username of the currently authenticated user. This is often same like the {{book.project.name}} username, but doesn't necessarily needs to be. + For example {{book.project.name}} user `john` can be linked to the Facebook user `john123@gmail.com`, so in that case value of user session note will be `john123@gmail.com` . + +You can use a <> of type `User Session Note` to propagate this information to your clients.