<div dir="ltr">Can you elaborate a bit on your use-case? Why would you have users that are not allowed to authenticate?</div><div class="gmail_extra"><br><div class="gmail_quote">On 28 July 2016 at 11:01, gambol <span dir="ltr"><<a href="mailto:gambol99@gmail.com" target="_blank">gambol99@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_quote"><br><div dir="ltr">Hiya<div><br></div><div>Assuming you have a realm with x client defined and each have a APP-USER role. Is there a way to authenticate a user only if the user have the role associated? ... </div><div><br></div><div>Obviously I can check the check the access token, or place a proxy in-front which does that for me, but is there a native way of saying ask for this scope and if you don't have it you are denied</div><div><br></div><div>Best Regards .. </div><div><br></div></div>
</div><br></div>
<br>______________________________<wbr>_________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/<wbr>mailman/listinfo/keycloak-dev</a><br></blockquote></div><br></div>