[keycloak-user] Authorization transfer
Pedro Igor Silva
psilva at redhat.com
Fri Nov 17 15:06:25 EST 2017
Right now you can't do it. This is all about the work we are doing to
better support UMA protocol. Soon you'll be able to let your users to
manage their resources (and their policies) from Keycloak Account Service,
grant and revoke access to other users, authorization flows. We are really
missing this.
However, I think you can try to use the Policy Management API. It provides
a RESTful API that you can use to manage permissions and policies. As an
example
https://github.com/pedroigor/keycloak/blob/cedc095a9c50a1d16482acbbc9876de1730c9fb1/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/UserPolicyManagementTest.java.
There are other tests in the same package for other permission and policy
types.
Please, let me know about your achievements if you start doing something
with the Policy Management API. Any feedback is welcome and will probably
help with the work I mentioned before around UMA.
On Fri, Nov 17, 2017 at 4:59 PM, Corentin Dupont <corentin.dupont at gmail.com>
wrote:
> Hi guys,
> is it possible for an application user to grant some authorizations to
> another user?
> For example in the photoz example, how can I give access to my albums to
> another user?
> What would be the mechanism?
>
> Thanks a lot
> Corentin
>
More information about the keycloak-user
mailing list