[keycloak-user] UMA fine grained management in the client itself
Pierre Nowak
pnowak.pierre at gmail.com
Tue Nov 13 15:41:35 EST 2018
Hello,
I have difficulties finding the best way of protecting resources using
Authorization Services or UMA.
Here is the following problem:
user1 creates resource/item/id1
user2 creates resource/item/id2
I want to be able in my nodejs confidential client to:
1. list users that have access to a specific item (eg: item/id1)
2. list all resources a user has access to (not only the ones he has,
but also the ones other users shared with him)
3. permit a user to access a resource
4. remove the access of a user to a resource
I saw in photoz UMA example a nice UI directly in keycloak. I would like to
reproduce this tab directly in my client calling APIs to Keycloak. The
reason is the tab in the account page doesnt give enough functionality for
example if I want to join some detail about the resources that would only
be available in my resource server.
I saw the resource set api and a node package (
https://github.com/proficonf/keycloak-authz) that tries to manage the
resources only
but I can't find APIs that directly handle the 4 steps I just mentioned.
Thanks
More information about the keycloak-user
mailing list