Re: [keycloak-user] Keycloak to set up Teams and Organizations

The use case for me is to use multiple realms for authentication (e.g. one realm for each organisation) that can access a single application using a common set of roles. Its sort of discussed from a different perspective on the apiman list here: http://lists.jboss.org/pipermail/apiman-user/2015-October/000361.html Tim On 14/10/2015 15:34, Bill Burke wrote: > No, we are not creatin "global" groups and roles. use case please?. > We're trying to keep realms isolated from one another. > > On 10/14/2015 7:29 AM, Tim Dudgeon wrote: >> The scope of this is presumably groups within an individual realm? >> Is there any possibility for "global" groups and roles that can span >> multiple realms? >> >> Tim >> >> On 13/10/2015 17:18, Bill Burke wrote: >>> You just want something like github groups? List your requirements. >>> >>> I am starting on Groups next week after 1.6 goes out. >>> >>> On 10/13/2015 9:11 AM, Subhrajyoti Moitra wrote: >>>> Thanks Stian for the update. any more details about this group feature, >>>> if you can pl share? >>>> We are using composite roles currently to manage "business groups". >>>> Since the group definitions are fixed and mutually exclusive, we are >>>> able to manage it with composite roles. >>>> >>>> Regards, >>>> Subhro. >>>> >>>> On Tue, Oct 13, 2015 at 4:39 PM, Stian Thorgersen <sthorger(a)redhat.com >>>> <mailto:sthorger@redhat.com>> wrote: >>>> >>>> We are also planning on introducing groups soon. Users will be able >>>> to belong to one or more groups and a group can have roles and/or >>>> attributes associated with it. >>>> >>>> On 13 October 2015 at 12:58, Subhrajyoti Moitra >>>> <subhrajyotim(a)gmail.com <mailto:subhrajyotim@gmail.com>> wrote: >>>> >>>> I think u can investigate composite-roles for the same. >>>> http://keycloak.github.io/docs/userguide/html/roles.html#d4e2207 >>>> >>>> The composite-roles can be client specific roles re-presenting >>>> your organizations, and keycloak roles can be the actual >>>> "business roles" under these composite roles. >>>> >>>> HTH. >>>> Subhro. >>>> >>>> On Tue, Oct 13, 2015 at 4:13 PM, Kunal K <kunal(a)plivo.com >>>> <mailto:kunal@plivo.com>> wrote: >>>> >>>> Hi all, >>>> >>>> I am setting up an SSO server and i'm evaluating both CAS >>>> and Keycloak. One of my main requirements is letting users >>>> have multiple teams and be a part of multiple organizations. >>>> I'm trying to wrap my head around how to do this in >>>> Keycloak. Something on the lines of what Github does - >>>> https://github.com/blog/674-introducing-organizations As an >>>> evaluation process, I've already created a POC using CAS. >>>> >>>> I would really appreciate any pointers on how to do this >>>> with Keycloak. >>>> >>>> Best, >>>> >>>> Kunal >>>> >>>> >>>> -- >>>> *KUNAL KERKAR *| PRODUCT ENGINEER >>>> Plivo, Inc. 340 Pine St, San Francisco - 94104, USA >>>> Web: www.plivo.com <http://www.plivo.com/> | Twitter: @plivo >>>> <http://twitter.com/plivo>;, @tsudot <http://twitter.com/tsudot> >>>> >>>> >>>> _______________________________________________ >>>> keycloak-user mailing list >>>> keycloak-user(a)lists.jboss.org >>>> <mailto:keycloak-user@lists.jboss.org> >>>> https://lists.jboss.org/mailman/listinfo/keycloak-user >>>> >>>> >>>> >>>> _______________________________________________ >>>> keycloak-user mailing list >>>> keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org> >>>> https://lists.jboss.org/mailman/listinfo/keycloak-user >>>> >>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> keycloak-user mailing list >>>> keycloak-user(a)lists.jboss.org >>>> https://lists.jboss.org/mailman/listinfo/keycloak-user >>>> >> _______________________________________________ >> keycloak-user mailing list >> keycloak-user(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/keycloak-user >> _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user