[keycloak-user] Anonymous access to scoped resources
ebondu
dev.ebondu at gmail.com
Mon Feb 27 07:52:06 EST 2017
Hi all,
I am using Keycloak filters to secure a spring REST API and I need to
provide an anonymous access to a subset of resources having a given scope
(like 'urn:scope:read:public'). To me, anonymous means a unauthenticated
user without access token.
I defined a dedicted security chain to bybass the authentication filter but
the authorization filter is expecting an access token to grant requests, so
I can't use it.
Do I need to implement my own filter only based on the protection API to
retrieve and check scopes of requested resources or is there a better way to
grant access to resources for anonymous users ?
Thanks.
--
View this message in context: http://keycloak-user.88327.x6.nabble.com/Anonymous-access-to-scoped-resources-tp2929.html
Sent from the keycloak-user mailing list archive at Nabble.com.
More information about the keycloak-user
mailing list