Hi,
You may be interested in the discussions [1] we had in the past with the
community about data filtering/security. It should give you an idea about
what we are missing and how to extend some of our capabilities to filter
data on your application based on the permissions granted by Keycloak.
It seems you can benefit from "pushed claims" in order to communicate a
filter from your policies to your application so that you filter
(dynamically) resources based on the user making a request. For the second
part where you want to obtain shared resources, you could take a look at
this quickstart [2]. Unfortunately, we don't have the API that allows you
to manage shared resources documented.
[1] https://lists.jboss.org/pipermail/keycloak-user/2018-November/016083.html
[2] https://github.com/keycloak/keycloak-quickstarts/blob/latest/app-authz-ph...
Regards.
Pedro Igor
On Wed, Aug 21, 2019 at 8:14 AM Asbjørn Dyhrberg Thegler <asbjoern(a)gmail.com>
wrote:
Hello there,
I am implementing a Node.js resource server and I currently struggle with
figuring out how to let a user list all their resources from a specific
resource set.
For example, a user can GET /activities and get all their own activities,
but not other users'. I am not certain of how to create a UMA permission
ticket for that request, since I don't already know the IDs of the user's
activities. Further, the user could have access to other users' activities
through resource sharing. This list is potentially very large (as in
thousands of IDs), and I don't imagine putting that large a JWT in a header
is a good idea either.
What is the recommended way to handle this?
I am wondering if I should let the resource server itself query Keycloak
for a list of IDs for all its own activities and activities shared with the
user - but I can't seem to figure out what API endpoint lets me do
this in Keycloak 6.0.1, since the Entitlement API has been deprecated.
Thanks for your help, I really enjoy working with Keycloak so far. :)
Regards, Asbjørn
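
The filtering approach suggested in the reply, sketched for a Node.js resource server as an added example (not code from this thread or from Keycloak). It assumes the permissions come from an already-verified token and that each entry has the shape {rsname, scopes, claims}, with a policy having placed the filter in a claim; the resource name, scope and claim key are hypothetical.

```javascript
"use strict";
// Added example. Resource name, scope and claim key are assumptions chosen
// for illustration; use whatever your own resource and policy define.
const COLLECTION = "Activity Collection";
const LIST_SCOPE = "activity:list";
const OWNER_CLAIM = "activity.owner";

// Returns the set of owner ids the policy allowed. Fails closed: a missing
// permission, missing scope, or missing/malformed claim yields an empty set.
function allowedOwners(permissions) {
  const owners = new Set();
  if (!Array.isArray(permissions)) return owners;
  for (const p of permissions) {
    if (!p || p.rsname !== COLLECTION) continue;
    if (!Array.isArray(p.scopes) || !p.scopes.includes(LIST_SCOPE)) continue;
    const values = p.claims && p.claims[OWNER_CLAIM];
    if (!Array.isArray(values)) continue; // claim must be a list of strings
    for (const v of values) {
      if (typeof v === "string" && v.length > 0) owners.add(v);
    }
  }
  return owners;
}

// Applies the filter server-side. In a real service this would become a
// "WHERE owner IN (...)" clause instead of an in-memory filter.
function listActivities(activities, permissions) {
  const owners = allowedOwners(permissions);
  return activities.filter((a) => owners.has(a.owner));
}

// Constructed sample data (not real Keycloak output).
const activities = [
  { id: 1, owner: "alice" },
  { id: 2, owner: "bob" },
  { id: 3, owner: "carol" },
];
const rptPermissions = [
  { rsid: "r-1", rsname: COLLECTION, scopes: [LIST_SCOPE],
    claims: { [OWNER_CLAIM]: ["alice", "bob"] } },
];
console.log(listActivities(activities, rptPermissions).map((a) => a.id));
```

The token stays small because it carries one collection-level permission plus a filter, not thousands of resource IDs.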