[keycloak-user] common roles within multiple clients
Tim Dudgeon
tdudgeon.ml at gmail.com
Sun Aug 2 12:39:33 EDT 2015
Thanks. That does the job.
So its either realm roles or client roles, but there's no option to have
the union of both?
Tim
On 02/08/2015 14:08, Bill Burke wrote:
> Your client adapter config should have:
>
> "use-resource-role-mappings" : false,
>
> On 8/2/2015 4:04 AM, Tim Dudgeon wrote:
>> Because that doesn't seem to work. I already tried it.
>> I added a realm role to a user, but it does not allow to authenticate
>> from a client app.
>> In my understanding realm roles are for managing the realm, not for
>> client applications?
>>
>> Tim
>>
>> On 02/08/2015 04:31, Tair Sabirgaliev wrote:
>>> Why not specify roles at realm level and apply them once for a user?
>>>
>>> http://keycloak.github.io/docs/userguide/html/roles.html
>>>
>>>
>>>> On 2 авг. 2015 г., at 3:03, Tim Dudgeon <tdudgeon.ml at gmail.com> wrote:
>>>>
>>>> I have a keycloak realm that contains a number of clients (app1, app2,
>>>> app3 ...).
>>>> Those clients share a set of common roles (user, editor, manager ...).
>>>> Is there a way I can directly assign those roles to the keycloak user so
>>>> that they apply across all clients?
>>>> The only approach I can find is to set up each of those roles for every
>>>> client (e.g. for 5 clients set up 5 sets of identical roles) and then
>>>> for each client apply the relevant roles to each of the users (e.g.
>>>> repeat the same process for every user/client combination).
>>>> Is there a better way?
>>>>
>>>> Thanks
>>>> Tim
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
More information about the keycloak-user
mailing list