[keycloak-dev] token exchange permission model

Pedro Igor Silva psilva at redhat.com
Fri Aug 18 13:11:07 EDT 2017

+1. I think exchange-to is enough for now.

On Fri, Aug 18, 2017 at 11:26 AM, Bill Burke <bburke at redhat.com> wrote:

> Right now I have a "exchange-from" and "exchange-to" permission when
> exchanging client->client tokens.  I'm wondering if an "exchange-from"
> permission needs to exist?  Would we ever have the case where a client
> is allowed to "exchange-to", but not "exchange-from"?  I'm thinking this
> is just overboard and would rarely be used.
> Bill
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

More information about the keycloak-dev mailing list