Re: [keycloak-user] Entitlement request with additional parameters
Hi Corentin,
We are adding support for "pushed claims". That is the main task I'm
working with right now.
If you want to track the changes being made and provide any feedback,
please watch https://issues.jboss.org/browse/KEYCLOAK-4903. So far, I have
enabled pushing claims when using UMA and permission tickets. As you might
know, with the introduction of UMA 2.0 there is no specific endpoint for
entitlements anymore. Now permissions are evaluated using the token
endpoint. Next step is enable "pushed claims" to non-UMA requests (without
permission tickets, just like the old entitlement api).
On Tue, Apr 10, 2018 at 8:09 AM, Corentin Dupont <corentin.dupont(a)gmail.com>
wrote:
Hi guys,
I use the entitlement API to check access control on my resources. Here I
check if a user can update a sensor:
curl -X POST -H "Content-Type: application/json" -H "Authorization:
Bearer
$TOKEN" -d '{
"permissions" : [
{
"resource_set_name" : "Sensors",
"scopes" : [
"sensors:update"
]
}
]
}' "http://localhost:8080/auth/realms/waziup/authz/entitlement/waziup"
But I would like to make complex policies that check additional parameters,
such as sensor status etc.
How can I pass along the additional parameters to the request, and use them
in my policies? I use javascript policies mainly.
Thanks
Corentin
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user