Re: [keycloak-user] Keycloak 4

OK, interesting: I didn't know about this console :) I can access it with my "test" user, but I don't see the "My Resources" menu entry (see screenshot). I created some resources owned by that user (using the API). But they don't show up. What did I missed? On Tue, Jun 26, 2018 at 2:42 PM, Pedro Igor Silva <psilva(a)redhat.com&gt; wrote: > Yeah, you can access those claims in a JS policy. > > Regarding the "account management console" take a look here: > https://www.keycloak.org/docs/latest/authorization_ser > vices/index.html#_service_authorization_api_aapi. > > On Mon, Jun 25, 2018 at 1:28 PM, Corentin Dupont < > corentin.dupont(a)gmail.com&gt; wrote: > >> Ok, I see the "claim_token" parameter in the request. >> I guess you can retrieve those claims in a javascript rule, from the >> evaluation context. >> >> By the way, I still cannot figure out where is the "account management >> console", where user can manager users access (as per the release notes)?? >> >> On Fri, Jun 22, 2018 at 7:09 PM, Pedro Igor Silva <psilva(a)redhat.com&gt; >> wrote: >> >>> The new form of obtaining entitlements relies solely on the token >>> endpoint just like when you are obtaining access tokens using other OAuth2 >>> grant types. With that in mind the new format of the request should be a >>> HTTP POST + parameters. Check this documentation [1] for more details. >>> >>> Regarding pushing claims to your policies, there is a specific HTTP >>> parameter that you can use to pass a Base64 encoded JSON with the claims >>> you want to push. >>> >>> [1] https://www.keycloak.org/docs/latest/authorization_servi >>> ces/index.html#_service_obtaining_permissions >>> >>> >>> On Fri, Jun 22, 2018 at 12:09 PM, Corentin Dupont < >>> corentin.dupont(a)gmail.com&gt; wrote: >>> >>>> Thanks Pedro, I went through the pull request. >>>> I'm not sure how to modify my entitlement requests? >>>> For example I have: >>>> curl -X POST -H "Content-Type: application/json" -H "Authorization: >>>> Bearer $TOKEN" -d '{ >>>> "permissions" : [ >>>> { >>>> "resource_set_name" : "Sensors", >>>> "scopes" : [ >>>> "sensors:update" >>>> ] >>>> } >>>> ] >>>> }' "http://localhost:8080/auth/realms/waziup/authz/entitlement/waziup >>>> " >>>> >>>> This call has been moved to uma-2, right? >>>> Can I add pushed claims to this call? What I'm imagining is: >>>> >>>> curl -X POST -H "Content-Type: application/json" -H "Authorization: >>>> Bearer $TOKEN" -d '{ >>>> "permissions" : [ >>>> { >>>> "resource_set_name" : "Sensors", >>>> "scopes" : [ >>>> "sensors:update" >>>> ] >>>> } >>>> ], >>>> claims: ["owner": "cdupont"] >>>> }' "http://localhost:8080/auth/realms/waziup/authz/entitlement/waziup >>>> " >>>> >>>> In this example, I would like to push the owner of the sensor >>>> ("cdupont"), which I take from our own database before calling the API. >>>> >>>> Sorry about the questions, maybe I should just wait that the >>>> documentation is merged :) >>>> >>>> >>>> >>>> On Fri, Jun 22, 2018 at 4:37 PM, Pedro Igor Silva <psilva(a)redhat.com&gt; >>>> wrote: >>>> >>>>> Hi, >>>>> >>>>> We have a few changes to docs that were not released because the PR >>>>> [1] was not merged on time. But you can check about pushed claims (if you >>>>> are using our adapters) here [2]. >>>>> >>>>> Regards. >>>>> Pedro igor >>>>> >>>>> [1] https://github.com/keycloak/keycloak-documentation/pull/402 >>>>> [2] https://www.keycloak.org/docs/latest/authorization_servi >>>>> ces/index.html#_enforcer_claim_information_point >>>>> >>>>> On Wed, Jun 20, 2018 at 10:04 AM, Corentin Dupont < >>>>> corentin.dupont(a)gmail.com&gt; wrote: >>>>> >>>>>> Hi guys, >>>>>> I'm playing with the new version of Keycloak ( >>>>>> https://www.keycloak.org/docs/latest/release_notes/index.html) >>>>>> >>>>>> I have some questions: >>>>>> - where is the "account management console"? >>>>>> - How to use pushed claims? Which APIs are affected? >>>>>> >>>>>> Thanks! >>>>>> Corentin >>>>>> _______________________________________________ >>>>>> keycloak-user mailing list >>>>>> keycloak-user(a)lists.jboss.org >>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user >>>>>> >>>>> >>>>> >>>> >>> >> >