Granularity of roles in account endpoint - keycloak-dev - Jboss List Archives

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Granularity of roles in account endpoint

PR review request: Order clientId...

Credentials in javascript adapter

Douglas Palmer

Tuesday, 19 November 2019 Tue, 19 Nov '19

11:30 p.m.

In the commit 0ce10a3249db69592cb7fee70cefd4a2eec66423, three new AccountRoles were added: view-applications view-consent manage-consent Do we need/want such fine grain access control? Or should we stick with just using manage-account and view-profile? Regards Doug

Reply

Show replies by date

Stian Thorgersen

Wednesday, 20 November Wed, 20 Nov

8:40 a.m.

We want them and there's no big problem supporting them as we already have the code to require one of a list of roles, for example get profile is permitted for view-profile or manage-account. On Tue, 19 Nov 2019 at 23:37, Douglas Palmer <dpalmer(a)redhat.com> wrote:

In the commit 0ce10a3249db69592cb7fee70cefd4a2eec66423, three new AccountRoles were added: view-applications view-consent manage-consent Do we need/want such fine grain access control? Or should we stick with just using manage-account and view-profile? Regards Doug _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev

Reply

1618

days inactive

1619

days old

keycloak-dev@lists.jboss.org

Manage subscription

1 comments

2 participants

tags (0)

participants (2)

Douglas Palmer
Stian Thorgersen