6:05 a.m.
Would it be an idea to have a field on a client to specify a required role
that users have to have to be permitted to authenticate to the client?
We could add support for this directly in the login flows. If the user has
the required role redirect to the app, but if the user doesn't display an
error page stating you don't have access.
6:35 a.m.
On Thu, Jun 1, 2017 at 2:05 PM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
Would it be an idea to have a field on a client to specify a required
role
that users have to have to be permitted to authenticate to the client?
Yes, please! I think it'd simplify access control when not every user is
authorized to access every client.
Best regards,
Thomas
6:49 a.m.
It could probably also be used in the future if we ever add a page in
account management console or an SSO landing page that let's users list all
applications they can login to.
On 1 June 2017 at 13:35, Thomas Raehalme <thomas.raehalme(a)aitiofinland.com>
wrote:
On Thu, Jun 1, 2017 at 2:05 PM, Stian Thorgersen
<sthorger(a)redhat.com>
wrote:
> Would it be an idea to have a field on a client to specify a required role
> that users have to have to be permitted to authenticate to the client?
>
Yes, please! I think it'd simplify access control when not every user is
authorized to access every client.
Best regards,
Thomas
2766
days inactive
2766
days old
2 comments
2 participants
participants (2)
-
Stian Thorgersen -
Thomas Raehalme