[keycloak-user] regarding service accounts
Avinash Kundaliya
avinash at avinash.com.np
Mon Mar 27 04:47:46 EDT 2017
Hello,
I have been looking at service accounts recently. So, from what i
understand, for the service account to manage users and roles, it has to be
given the `realm_management.manage-users` client role right?
My confusion is that once a client has the following permission, it can
technically manage the roles for the whole realm right? Is there a way to
limit this to just the client. So, the client should be able to manage
roles and user-role mapping for the client itself.
Is it possible to do something like that?
--
---
Avinash Kundaliya
avinash at avinash.com.np
http://avinash.com.np
More information about the keycloak-user
mailing list