[keycloak-user] Unspecified behavior of token endpoint when obtaining permissions
Lamina, Marco
marco.lamina at sap.com
Tue Nov 13 18:44:20 EST 2018
Hi,
I am trying to use Keycloak’s token endpoint to obtain a list of all resources and the respective scopes that a user has permission to access. However, the behavior I am observing does not match what is described in the documentation (Link [1]). I am using the token endpoint as shown in Link [2].
Expected behavior:
Token endpoint returns a list of all resources and scopes that the token’s user has permission to access.
Observed behavior:
Token endpoint only returns resources that are owned by either the token’s user or the resource server itself. Resources owned by other users are not listed, even though the token’s user has permission to access them.
Is that a bug or expected behavior?
Links:
[1] https://www.keycloak.org/docs/latest/authorization_services/index.html#_service_obtaining_permissions
[2] https://issues.jboss.org/browse/KEYCLOAK-8768?focusedCommentId=13658545&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-13658545
Thanks,
Marco