[keycloak-user] User Organization / Subset of group roles

gareth at garethwestern.com gareth at garethwestern.com
Mon Aug 27 07:13:07 EDT 2018


Hi, 

We have a requirement that the users of our application can be associated
with an Organization (one of our application's business entities). The
customer would like each Organization to have one or more "roles" associated
with it, so that when a user is created and associated with that
organization then the user will inherit those roles. One complication is
that the customer may want the user to only have a subset of the
Organization roles. The current thinking is that each organization could be
a group, so that users and roles can be assigned to the group, but I'm not
sure how to handle the 'subset of group roles' issue. Is this something that
can be accomplished with Keycloak?

Kind regards,

Gareth

 



More information about the keycloak-user mailing list