When I was messing with granular permissions recently I had to give the
view-realm role in order to log into the Admin Console.
On Fri, Dec 21, 2018, 19:29 Mandy Fung <mandy.fung(a)tasktop.com wrote:
Hello,
We've recently upgraded from 4.5.0 to 4.7.0 and users can no longer access
the dedicated realm admin console (/auth/admin/{realm}/console) with the
same realm-management roles that they had in 4.5.0.
We only want our admin users to manage users and groups and in 4.5.0 we
were able to assign the following roles to our admin users such that only
the "Manage > Groups" and "Manage > Users" tab show up in the
realm admin
console: 'manage-users', 'query-groups', 'query-users', and
'view-users'.
However, with the new upgrade to 4.7.0 these admin users with the same
realm-management roles assigned can no longer access the realm admin
console and they see a 403 Forbidden error page.
Has anyone run into this issue recently or if there are some new realm
management roles added in 4.7.0 that we need to re-configure?
Best regards,
Mandy
--
*Mandy Fung **|* Software Engineer 1 *| *Tasktop
*email: *mandy.fung(a)tasktop.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user