We have microservice applications which uses KeyCloak for authentication. There are different microservice backends and single Front End. Front End uses "Auth Code flow" for login where as communication between microservices use "Client credenntial Flow"
General flow is as follows...
UI uses Auth code flow to authorize user and get token
UI calls backend service say BE1 using API call by passing token generated. As this token is generated using Auth code flow, it has user and other information related to user like email, so we have a way to identity which user it is.
From BE1 , we need to call one more service say BE2. This happens through "Client Credential Flow".(there is possibility that token received from UI might expire, so need to create new one). As this flow does not involve any user agent, we will not have any information about user. So, is there any way to define like mappers(claims) in keycloak whose values can be set dynamically while creating token?