Hi,
I'm trying to protect some resources of my node.js app using RBAC mechanism.
I have creted a realm called MyApp and a user called user, then I create
some realm roles such as: res_r (read resource), res_u (update resource),
res_d (delete_resource), res_c(create resource).
Then I tried to give the user User the realm roles: res_r
After I configure keycloak using keycloak-connect, I added:
const router = require('express').Router();
router.get('resource', keycloak.protect('realm: res_r'), handler)
However I'm not able to read the resource. I decode the authorization with
jwt I got in the token:
"realm_access": {
"roles": [
"res_r",
"uma_authorization",
]
},
"resource_access": {
"account": {
"roles": [
"manage-account",
"manage-account-links",
"view-profile"
]
}
},
How can I fix the probelm?