Re: [keycloak-user] default permissions
Hi,
I think you could probably change your application and remove the
resources/paths you want to make public from the list of resources
protected by the adapter.
On Thu, Nov 9, 2017 at 2:06 PM, Corentin Dupont <corentin.dupont(a)gmail.com>
wrote:
Another question: how to apply default authorizations?
I want to protect my API with authorization in Keycloak. However some
resources should be open to the public, accessible without any bearer
token.
My idea was:
- create an "unregistered_user" composite role, containing some basic roles
- create a "guest" user, with the unregistered_user role
- on the API server, if there is no token in the request I will get the
roles of the guest user and user them. If there is a token, I'll use that
user permissions.
What do you think of that process?
Thanks
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user