Hi All, I've had a few questions about doing authorization against Keycloak roles. For any brave testers out there, I'm interested to get feedback on an initial implementation of that: How to: - Build master of http://github.com/apiman/apiman-plugins locally (`mvn clean install`) - Install the plugin via the UI (or API): G io.apiman.plugins A apiman-plugins-keycloak-oauth-policy V 1.1.1-SNAPSHOT - Set everything up in Keycloak. For instance, I added an application mapping role, apiman-service => apiman-gateway-user-role and a realm role `apiman-realm-role-example`. - Set up the Keycloak Oauth policy, including the realm and application mappings you're interested in. - You might want to disable "Require Transport Security" to make your testing easier. I'm interested to hear feedback - does this fulfil your requirements, are there any additional features that are required? Regards, Marc