[keycloak-user] Authorization Services - Admin Console
gambol
gambol99 at gmail.com
Thu Jun 28 06:25:45 EDT 2018
Hiya
I'm guessing this isn't possible yet but just in case, is it possible to
provide fine-grain controls over the creation of local accounts. At the
moment we have a project whom we to gave the ability to control membership
of one or more groups via "User Policy" in authorization services. We would
like them to be able to "create" a user as well, but retain the above
limitation. At the moment this doesn't look like its possible as the only
way to get the "Add User" button is to add the "manage-users" role from
"realm-management" .. This unfortunately gives the access to do anything
they want with the users .. adding a group, delete etc etc
Are there any plan's to extend the scopes available under the Users
resource type? ..
Rohith
More information about the keycloak-user
mailing list