Re: [keycloak-dev] Default roles for realms and applications

From: "Bill Burke" <bburke(a)redhat.com&gt; To: keycloak-dev(a)lists.jboss.org Sent: Friday, 11 October, 2013 1:22:43 AM Subject: Re: [keycloak-dev] Default roles for realms and applications Implementing Groups would solve this issue. Then you can modify the group and not worry about old users. On 10/10/2013 10:51 AM, Stian Thorgersen wrote: > At the moment we only have support for default roles for realms and I was > planning to add the same for applications. > > Currently when a new user registers the list of default roles for the realm > is added. This means that if you create the default roles for the realm, > roles for old users won't automatically reflect the changes. When adding > default roles for applications the problem becomes even worse as now > applications themselves can be added/remove after a user has been added. > > As I see it we have two options: > > 1. Try to keep the default roles for realms and applications in sync with > the roles for users > 2. Add the default roles for realms and applications to tokens directly > > To me option 2 seems the simplest/best > _______________________________________________ > keycloak-dev mailing list > keycloak-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-dev > -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev