You should be able to do #3 and #4.
For #1 and #2, we would need to allow you to obtain the user being
created/changed as a resource. Today we always pass a "Users" resource
representing all users.
Please open a JIRA with more details about your scenario so that we can
consider the requirements in future versions and improvements to the
functionality.
On Mon, May 27, 2019 at 8:15 AM Per Erik Gransøe <Per.Erik.Gransoe(a)systematic.com> wrote:
Hi
Can I solve the following with Keycloak, with fine-grained permissions
enabled? (also posted here:
https://stackoverflow.com/questions/51616770/keycloak-restricting-user-ma...
):
We have Group X and Group Y.
The role 'Group X Admin' can do the following:
1. Can create users without a group.
2. Can assign users without a group to group X.
3. Can edit and manage users in group X.
4. Cannot see/edit/manage users in group Y.
Med venlig hilsen / Kind regards
Per Erik Gransøe
Senior Systems Engineer
Søren Frichs Vej 39, 8000 Aarhus C
Denmark
Mobile: +45 3038 6841
Per.Erik.Gransoe@Systematic.com
www.systematic.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user