How does ELK APM Java Agent get Use details

I want to know how exactly does APM agent extract user details from the request.
I know it is with the help of bearer token, but how and where exactly can I find it so that I can modify it because in my case using an IAM i.e. "Keycloak", the JWT is defined as such that i returns a UUID in "user.name" field instead of actual username.

Hi sarthik,

By default the agent should not capture any sensitive information, such as user details.

You can capture any information you like by using our public API.
In your code, you can just add new fields to transactions generated by the agent.
You just need to add code based on the following sample to your transaction processing:

Transaction currentTransaction = ElasticApm.currentTransaction();
if(currentTransaction != null) {
    currentTransaction.addCustomContext("user_details", yourUserDetailsHere);
}

Hi jonas,
thank you for the quick reply.

By user details, I mean the ‘user.name’ | ‘user.id’ | ‘user.email’, that is given by apm agent as we see in the metadata tab.

I just want to know how exactly or where does the apm agent extract this in apm agent source code

On top of what Jonas said, there is a special case for Servlet-based applications.

For those, the agent can call the getUserPrincipal method (as seen here in the agent instrumentation and thus automatically capture the user name.

So, if your application relies on servlets:

  • if you have a servlet filter that exposes a user principal (which is sometimes the case for authentication filters), then it can be automatically capture it
  • if you don't have such a servlet filter, then you can add one to your application and make it return the Principal return exactly what you need, without having a dependency on the agent API.

If your application does not relies on servlets, there is no "standard" API to deal with user details, thus you will be left to using the agent API that Jonas mentioned above.

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.