On 07/28/2015 06:08 PM, Bill Burke wrote:
I think it is appropriate to model resource access separately,
outside
of Keycloak. The reason for this is basically how SAML/OIDC and single
sign in works. It should be:
Indeed. Which is basically what we have today. But if Organizations were
something that would be implemented in Keycloak, I could focus on
Operations/Resources/Permissions, while Organizations/Roles/Users would
still be managed by Keycloak. But I'm afraid that our use case is too
specific to be useful to the community as a whole, even if we take only
the organization part into consideration.
- Juca.