Not sure if I follow you Bill.  Don’t we already have scope (role) assignment capabilities for both OAuth Clients and Applications?

 

 

Date: Tue, 12 Aug 2014 12:13:21 -0400

From: Bill Burke <bburke@redhat.com>

Subject: Re: [keycloak-user] Direct Access Grants & 'Client

                Credentials' OAuth2 grant type

To: keycloak-user@lists.jboss.org

Message-ID: <53EA3D21.7060609@redhat.com>

Content-Type: text/plain; charset=windows-1252; format=flowed

 

Right now we require you to create a user and give permissions to that user.  Not sure if we'll add client credentials grant as it would require having role mappings for clients and applications.