IG 2023.11

UserProfileContext

When the UserProfileFilter processes a request, it injects the user profile information into this context. This context provides raw JSON representation, and convenience accessors that map commonly used LDAP field names to a context names.

Properties

The context is named userProfile, and is accessible at ${contexts.userProfile}. The context has the following properties:

"username": java.lang.String

User-friendly version of the username. This field is always fetched. If the underlying data store doesn’t include username, this field is null.

Example of use: ${contexts.userProfile.username}

"realm": java.lang.String

Realm as specified by AM, in a user-friendly slash (/) separated format. Can be null.

Example of use: ${contexts.userProfile.realm}

"distinguishedName": java.lang.String

Distinguished name of the user. Can be null.

Example of use: ${contexts.userProfile.distinguishedName}

"commonName": java.lang.String

Common name of the user. Can be null.

Example of use: ${contexts.userProfile.commonName}

"rawInfo": java.util.Map

An unmodifiable map in the format Map<String, Object>, where:

  • Key: Name of a field in an AM user profile

  • Value: Value of a field in an AM user profile

This context contains the object structure of the AM user profile. Any individual field can be retrieved from the map. Depending on the requested fields, the context can be empty or values can be null.

Examples of use: ${contexts.userProfile.rawInfo}, ${contexts.userProfile.rawInfo.username}, ${contexts.userProfile.rawInfo.employeeNumber[0]}.

"asJsonValue()": json.JsonValue

User profile information structured as JSON.

Example of use: ${contexts.userProfile.asJsonValue()}

Copyright © 2010-2023 ForgeRock, all rights reserved.