Someone is going to need this feature before long.
Additional user attributes in the portal may be included in the ID Token as custom claims. Use the Spring property `org.apereo.portal.security.oauth.IdTokenFactory.customClaims` to specify which additional attributes to include. The claim name will always be the same as the attribute name. The JSON type of a custom claim will be inferred from it's value.