Hi Pedro,
thanks for the answer. Sorry, but I don't understand how. My code is:
String resourceId="3707be30-6e85-4d48-92c9-afaf0750eaec";
String DestinatarioId="4308881b-5754-44e4-a8c6-dbd13bbbc4a6";
String scopeId="3497b93d-ae42-42ee-b825-f1da667902b4";
String Soggetto = keycloak_helper.getKeycloakSecurityContext(request).getToken().getSubject();
PermissionTicketRepresentation ticket = new PermissionTicketRepresentation();
ticket.setOwner(Soggetto);
ticket.setOwnerName("alice");
ticket.setResource(resourceId);
ticket.setResourceName("Foto-Vacci");
ticket.setRequester(DestinatarioId);
ticket.setRequesterName("bob");
ticket.setScope(scopeId);
ticket.setScopeName("foto:view");
ticket.setGranted(true);
keycloak_helper.getAuthzClient(request).protection().permission().create(ticket);
The request is made from the owner of the resource "alice" and this request is
made from the Java backend, like the photoz example.
Can you help me understand what is wrong?
Kind regards
________________________________
From: Pedro Igor Silva <psilva(a)redhat.com>
Sent: Monday, September 16, 2019 23:14
To: Nicola <nikmess(a)hotmail.it>
Cc: keycloak-user <keycloak-user(a)lists.jboss.org>
Subject: Re: [keycloak-user] Keycloak Share a resource with other User
Hi,
Basically, only the owner can create tickets for his/her resources. You need to access the
API using a bearer token where the owner of the resource is the subject.
Regards.
Pedro Igor
On Mon, Sep 16, 2019 at 3:21 PM Nicola <nikmess@hotmail.it> wrote:
Hi, I'm new to Keycloak. I'm looking at the *photoz uma example*; in this
example a user can *create* a resource and then *share* it with another user. I'm
interested in this feature.
Checking in the JavaDOC I've found that from a PermissionResource I can
create a *PermissionTicketRepresentation*, where I can set the resource, the
scope, the owner and the requester of the resource. I've tried this, but I
get
/{"error":"not_authorised","error_description":"permissions for [3707be30-6e85-4d48-92c9-afaf0750eaec] can be only created by the owner"}/
So, how can I do this via code?
Kind regards
--
Sent from:
http://keycloak-user.88327.x6.nabble.com/
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
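
Added example, not part of the original thread and not Keycloak or photoz code: a pre-flight diagnostic in Python for the rule stated in the reply above, checking that the bearer token's `sub` claim equals the owner set on the permission ticket before the ticket is created. The function names, the ids and the unsigned sample tokens are constructed for illustration; the payload is decoded without signature verification, which is suitable only for diagnosis.

```python
import base64
import json


def jwt_claims(token: str) -> dict:
    """Decode a JWT payload WITHOUT verifying the signature (diagnostic only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    try:
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except ValueError as exc:  # covers base64, UTF-8 and JSON decoding errors
        raise ValueError("JWT payload is not base64url-encoded JSON") from exc
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims


def check_ticket_owner(bearer_token: str, ticket_owner: str) -> tuple:
    """Return (ok, message); ok only if the token subject is the ticket owner."""
    sub = jwt_claims(bearer_token).get("sub")
    if sub is None:
        return False, "token has no 'sub' claim"
    if sub != ticket_owner:
        return False, f"token subject {sub} is not the ticket owner {ticket_owner}"
    return True, "token subject matches the ticket owner"


def sample_token(claims: dict) -> str:
    """Build an unsigned, constructed sample token for this demonstration."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"


# Constructed sample values, not taken from the thread.
OWNER_ID = "11111111-1111-1111-1111-111111111111"
OTHER_ID = "22222222-2222-2222-2222-222222222222"
OWNER_TOKEN = sample_token({"sub": OWNER_ID, "preferred_username": "alice"})
OTHER_TOKEN = sample_token({"sub": OTHER_ID, "preferred_username": "some-client"})

if __name__ == "__main__":
    for name, tok in (("owner", OWNER_TOKEN), ("other", OTHER_TOKEN)):
        print(name, check_ticket_owner(tok, OWNER_ID))
```

If the check fails for the token the backend actually sends, the ticket request is being made under a different identity than the one passed to `setOwner`.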