How to register a custom ProtocolMapper in Keycloak?
It finally works. Even there are still open questions I could implement the needed functionality.
I had to implement the Interface
org.keycloak.protocol.oidc.mappers.OIDCAccessTokenMapper
(instead of org.keycloak.protocol.oidc.mappers.UserInfoTokenMapper
)
Now my transformAccessToken() method is called on every request to URL http://<host>:<port>/auth/realms/testrealm/protocol/openid-connect/token
I think the problem came from my misunderstanding of the terms AccessToken, UserInfo and IDToken. I thought all three are part of the token generated. But it seems the OIDCAccessTokenMapper is the only way to get additional information into the access token.
The remaining open question for me is where the UserInfo and the IDToken would appear. Maybe somebody can give an answer for that.