Re: [keycloak-user] [Authorization] Get user roles from token

AccessToken.getResourceAccess or AccessToken.getRealmAccess On 12/16/2015 4:51 AM, Tim Dudgeon wrote: > Its not clear to me how you get the assigned roles from the AccessToken. > For instance, is the realm has configured the user to have roles "user" > and "editor" how do I find these in the AccessToken? > > Tim > > On 07/12/2015 02:53, Bill Burke wrote: >> For Java HttpServletRequest.isUserInRole() works. If you typecast the >> principal to KeycloakPrincipal you can obtain the AccessToken. >> >> On 12/6/2015 5:39 PM, Pavel Maslov wrote: >>> Hi everyone, >>> >>> >>> Do Keycloak adapters support user authorization? I mean, of course they >>> do :) For example, the API I have secured with Keycloak receives a >>> Keycloak access token from the client. How can I validate the token >>> (check user roles) in my code? I am interested in the Java (wildfly) and >>> Javascript adapters. >>> >>> Manually I am using jwt.io <http://jwt.io> to check the token. I am just >>> curious if the Keycloak adapters support smth similar out of the box. >>> >>> Thank you for your answers. >>> >>> >>> Regards, >>> Pavel Maslov, MS >>> >>> >>> _______________________________________________ >>> keycloak-user mailing list >>> keycloak-user(a)lists.jboss.org >>> https://lists.jboss.org/mailman/listinfo/keycloak-user >>> > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user >