[keycloak-dev] token exchange permission model
Pedro Igor Silva
psilva at redhat.com
Fri Aug 18 13:11:07 EDT 2017
+1. I think exchange-to is enough for now.
On Fri, Aug 18, 2017 at 11:26 AM, Bill Burke <bburke at redhat.com> wrote:
> Right now I have a "exchange-from" and "exchange-to" permission when
> exchanging client->client tokens. I'm wondering if an "exchange-from"
> permission needs to exist? Would we ever have the case where a client
> is allowed to "exchange-to", but not "exchange-from"? I'm thinking this
> is just overboard and would rarely be used.
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
More information about the keycloak-dev