Description
Before reporting an issue
- I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
core
Describe the bug
In Keycloak 26.2.4, the generated access token for the client service account doesn't have any attributes directly assigned to it or inherited by assigned groups.
Version
26.2.4
Regression
- The issue is a regression
Expected behavior
Attributes directly assigned to the client service account user or inherited by groups appear in the access token.
Actual behavior
No attributes directly assigned to the client service account user or inherited by groups appear in the access token.
How to Reproduce?
I setup a client with Client Credentials Grant flow (Client Authetication=On and Service account roles=Checked).
I edited the client service account user and added an attribute rateLimiter=myrate and saved it. The generated access token doesn't have the rate_limiter claim.
I created a group with an attribute rateLimiter=myrate and assigned that group to the client service account. The generated access token still doesn't have the rate_limiter claim.
Anything else?
No response