In our project, we use UAA together with Keycloak (OIDC) to log in to the client. Right now, I am looking for the best way to store additional data (currently only a single property, but there might be more in the future) for the logged-in user.
The client needs to be able to write and read this information. Side note: This information might be sensitive. So each user should only be allowed to access their own data and not the data of other users.
A potential use case that we have (simplified, but the important aspects are covered):
A user logs in to the BAP client and uses it to connect to a 3rd party server. This server returns an identifier (e.g. a session id). The client needs to persist this information permanently to be able to access it in later sessions and on other devices.
Does UAA offer a feature we can use to cover this use case? Or is there any other approach in A12 that we could use?
Important: I am looking for a solution that is independent of Keycloak. It should work independently of the chosen UAA authentication type.