I’m considering migrating a custom authentication and authorization framework to KeyCloak. I like KeyCloak’s authentication support and role to user mapping capabilities. However, I haven’t seen a feature to replace the granular permission support we
have in our custom framework. We assign permissions to individual roles and use them to secure resources such as application pages, specific fields within a page, buttons, menu items, etc.
One option that may work is the Protocol Mapping feature mentioned in this blog post:
http://blog.keycloak.org/2015/03/customizing-keycloak.html. I would like to use a custom Protocol
Mapper to store a permission map within a token for the roles associated with a user. Can someone point me to documentation that outlines how to write a custom Protocol Mapper and configure KeyCloak to use it?
Thanks,
Scott