[keycloak-dev] fine grain permissions merged
bburke at redhat.com
Mon Jun 26 22:43:01 EDT 2017
Oh yeah, I forgot one thing. Tokens generated for admin_cli and
security-admin-console no longer have any roles within them. Admin REST
API now checks the "aud" claim and doesn't look in token for roles
anymore if the "aud" is admin_cli or admin-console. Don't know if
that's what you mean.
On 6/26/17 8:50 PM, John D. Ament wrote:
> Just wondering, does this mean the performance issues previously
> identified aren't included?
> On Mon, Jun 26, 2017 at 8:18 PM Bill Burke <bburke at redhat.com
> <mailto:bburke at redhat.com>> wrote:
> It its currently limited to single realm administration. Can't define
> master realm fine grain permissions. It was too much of a pain. Also
> fixed the long standing issue of when admin with manage-users role
> upgrade their management permissions. I'll be working on documentation
> in the next week or so and will get something in by 3.2 Final.
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org <mailto:keycloak-dev at lists.jboss.org>
More information about the keycloak-dev