[keycloak-user] (no subject)

hmidi slim hmidi.slim2 at gmail.com
Tue Mar 6 13:46:45 EST 2018


Hi,
I'm trying to protect some resources of my node.js app using RBAC mechanism.

I have creted a realm called MyApp and a user called user, then I create
some realm roles such as: res_r (read resource), res_u (update resource),
res_d (delete_resource), res_c(create resource).

Then I tried to give the user User the realm roles: res_r

After I configure keycloak using keycloak-connect, I added:

const router = require('express').Router();
router.get('resource', keycloak.protect('realm: res_r'), handler)

However I'm not able to read the resource. I decode the authorization with
jwt I got in the token:
"realm_access": {
    "roles": [
      "res_r",
      "uma_authorization",
    ]
  },
  "resource_access": {
    "account": {
      "roles": [
        "manage-account",
        "manage-account-links",
        "view-profile"
      ]
    }
  },

How can I fix the probelm?


More information about the keycloak-user mailing list