[keycloak-user] Entitlement request with additional parameters
Pedro Igor Silva
psilva at redhat.com
Tue Apr 10 08:20:24 EDT 2018
Hi Corentin,
We are adding support for "pushed claims". That is the main task I'm
working with right now.
If you want to track the changes being made and provide any feedback,
please watch https://issues.jboss.org/browse/KEYCLOAK-4903. So far, I have
enabled pushing claims when using UMA and permission tickets. As you might
know, with the introduction of UMA 2.0 there is no specific endpoint for
entitlements anymore. Now permissions are evaluated using the token
endpoint. Next step is enable "pushed claims" to non-UMA requests (without
permission tickets, just like the old entitlement api).
On Tue, Apr 10, 2018 at 8:09 AM, Corentin Dupont <corentin.dupont at gmail.com>
wrote:
> Hi guys,
> I use the entitlement API to check access control on my resources. Here I
> check if a user can update a sensor:
>
> curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer
> $TOKEN" -d '{
> "permissions" : [
> {
> "resource_set_name" : "Sensors",
> "scopes" : [
> "sensors:update"
> ]
> }
> ]
> }' "http://localhost:8080/auth/realms/waziup/authz/entitlement/waziup"
>
>
> But I would like to make complex policies that check additional parameters,
> such as sensor status etc.
> How can I pass along the additional parameters to the request, and use them
> in my policies? I use javascript policies mainly.
>
> Thanks
> Corentin
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list