Re: [keycloak-user] [Authorization] Get user roles from token
Its not clear to me how you get the assigned roles from the AccessToken.
For instance, is the realm has configured the user to have roles "user"
and "editor" how do I find these in the AccessToken?
Tim
On 07/12/2015 02:53, Bill Burke wrote:
For Java HttpServletRequest.isUserInRole() works. If you typecast
the
principal to KeycloakPrincipal you can obtain the AccessToken.
On 12/6/2015 5:39 PM, Pavel Maslov wrote:
> Hi everyone,
>
>
> Do Keycloak adapters support user authorization? I mean, of course they
> do :) For example, the API I have secured with Keycloak receives a
> Keycloak access token from the client. How can I validate the token
> (check user roles) in my code? I am interested in the Java (wildfly) and
> Javascript adapters.
>
> Manually I am using jwt.io <http://jwt.io> to check the token. I am just
> curious if the Keycloak adapters support smth similar out of the box.
>
> Thank you for your answers.
>
>
> Regards,
> Pavel Maslov, MS
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>