Re: [keycloak-user] default permissions
Hi Pedro,
I don't really have public/private paths in the API.
Some resources under those paths can be either public or private, however.
For instance, a URL would be like that:
www.example.com/api/v1/cities/rome/houses
I would like that some cities be accessible by everybody without token,
while some others will be private and require auth token and specific roles
to be accessed.
Thanks!
On Fri, Nov 10, 2017 at 11:33 AM, Pedro Igor Silva <psilva(a)redhat.com>
wrote:
Hi,
I think you could probably change your application and remove the
resources/paths you want to make public from the list of resources
protected by the adapter.
On Thu, Nov 9, 2017 at 2:06 PM, Corentin Dupont <corentin.dupont(a)gmail.com
> wrote:
> Another question: how to apply default authorizations?
>
> I want to protect my API with authorization in Keycloak. However some
> resources should be open to the public, accessible without any bearer
> token.
> My idea was:
> - create an "unregistered_user" composite role, containing some basic
> roles
> - create a "guest" user, with the unregistered_user role
> - on the API server, if there is no token in the request I will get the
> roles of the guest user and user them. If there is a token, I'll use that
> user permissions.
> What do you think of that process?
>
> Thanks
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>