[keycloak-user] Permission fro token exchange
James Mitchell
jamesm at suitebox.com
Tue Sep 3 18:34:16 EDT 2019
That worked!
So the fine grained authz feature handles whether the UI is visible, and
the token exchange feature handles whether the server supports token
exchange at all.
Thanks guys,
James
----
*James Mitchell*
Developer
e: jamesm at suitebox.com
w: www.suitebox.com
*SuiteBox |* Level 4, 8 Mahuhu Crescent, Auckland 1010, NZ
On Wed, 4 Sep 2019 at 09:52, Nalyvayko, Peter <pnalyvayko at agi.com> wrote:
> Hi James,
>
> Try also enabling admin_fine_grained_authz feature, in addition to
> token_exchange feature.
>
> Cheers,
>
> Peter
>
> -----Original Message-----
> From: keycloak-user-bounces at lists.jboss.org <
> keycloak-user-bounces at lists.jboss.org> On Behalf Of James Mitchell
> Sent: Tuesday, September 3, 2019 12:44 AM
> To: keycloak-user at lists.jboss.org
> Subject: [keycloak-user] Permission fro token exchange
>
> I am trying to use the token exchange preview feature.
>
> I have enabled it OK, and can see it in the UI server info as a preview
> feature (not a disabled feature).
> But I'm getting an error, that the client is not allowed to perform the
> exchange. The docs clearly say that I need to enable a permission on the
> Identity Provider
> https://www.keycloak.org/docs/6.0/securing_apps/index.html#_grant_permission_external_exchange
>
> My problem is that I do not see the Permissions tab when I look at the
> IDP... :(
>
> Can anyone suggest why the Permissions tab might be hidden?
>
> Thanks,
> James
>
>
> ----
>
> *James Mitchell*
>
> Developer
>
> e: jamesm at suitebox.com
>
> w: www.suitebox.com
>
>
> *SuiteBox |* Level 4, 8 Mahuhu Crescent, Auckland 1010, NZ
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list