Re: [keycloak-user] [Authorization] Get user roles from token

Why is HttpRequest.isUserInRole(<role>) not capable to return true when the role is present in the AccessToken.getRealmAccess? Regards, Johan Bos Le 16/12/2015 15:09, Bill Burke a écrit : > AccessToken.getResourceAccess or AccessToken.getRealmAccess > > On 12/16/2015 4:51 AM, Tim Dudgeon wrote: >> Its not clear to me how you get the assigned roles from the AccessToken. >> For instance, is the realm has configured the user to have roles "user" >> and "editor" how do I find these in the AccessToken? >> >> Tim >> >> On 07/12/2015 02:53, Bill Burke wrote: >>> For Java HttpServletRequest.isUserInRole() works. If you typecast the >>> principal to KeycloakPrincipal you can obtain the AccessToken. >>> >>> On 12/6/2015 5:39 PM, Pavel Maslov wrote: >>>> Hi everyone, >>>> >>>> >>>> Do Keycloak adapters support user authorization? I mean, of course >>>> they >>>> do :) For example, the API I have secured with Keycloak receives a >>>> Keycloak access token from the client. How can I validate the token >>>> (check user roles) in my code? I am interested in the Java >>>> (wildfly) and >>>> Javascript adapters. >>>> >>>> Manually I am using jwt.io <http://jwt.io> to check the token. I am >>>> just >>>> curious if the Keycloak adapters support smth similar out of the box. >>>> >>>> Thank you for your answers. >>>> >>>> >>>> Regards, >>>> Pavel Maslov, MS >>>> >>>> >>>> _______________________________________________ >>>> keycloak-user mailing list >>>> keycloak-user(a)lists.jboss.org >>>> https://lists.jboss.org/mailman/listinfo/keycloak-user >>>> >> _______________________________________________ >> keycloak-user mailing list >> keycloak-user(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/keycloak-user >> _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user