Re: [keycloak-dev] fine grain permissions merged

Monday, 26 June 2017

Oh yeah, I forgot one thing.  Tokens generated for admin_cli and 
security-admin-console no longer have any roles within them. Admin REST 
API now checks the "aud" claim and doesn't look in token for roles 
anymore if the "aud" is admin_cli or admin-console.  Don't know if 
that's what you mean.

On 6/26/17 8:50 PM, John D. Ament wrote:
...
 Bill,

 Just wondering, does this mean the performance issues previously 
 identified aren't included?

 John

 On Mon, Jun 26, 2017 at 8:18 PM Bill Burke <bburke(a)redhat.com 
 <mailto:bburke@redhat.com>> wrote:

     See

     https://issues.jboss.org/browse/KEYCLOAK-3444

     It its currently limited to single realm administration. Can't define
     master realm fine grain permissions.  It was too much of a pain.  Also
     fixed the long standing issue of when admin with manage-users role
     could
     upgrade their management permissions. I'll be working on documentation
     in the next week or so and will get something in by 3.2 Final.

     Regards,

     Bill

     _______________________________________________
     keycloak-dev mailing list
     keycloak-dev(a)lists.jboss.org <mailto:keycloak-dev@lists.jboss.org>
     https://lists.jboss.org/mailman/listinfo/keycloak-dev

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Re: [keycloak-dev] fine grain permissions merged