Hi, i'm trying to recreate the photoz-uma-example, so, on keycloak i created two client, resource and assigned permission, created JAX-RS server and created an HTML5 & plain Javascript client (not AngularJS, i dont know angular), so, if i use the policy based on user role, everything goes well, i can create resource, view resource, view shared resource, but wen i use the "Owner only policy" in javascript, i obtain ever the 403 Forbidden. what am I doing wrong? I think I'm wrong in the client, but I don't understand what I have to send to keycloak server. I'm doing this, should be enough? authorizationRequest.ticket = ticket; // send the authorization request, if successful retry the request identity.authorization.authorize(authorizationRequest).then(function (rpt) I'll have some stupid things wrong Thanks in advance.