Hi Marek, sorry for not replying earlier,
> > There is an example for all those functionalities. In the
> > "providers"
> > directory of keycloak-examples distribution, there is "domain-
> > extension"
> > . Some docs is in "Server development guide".
>
> Unfortunately, the "domain-extension" example is borked and is not
> going to be fixed anytime soon
>
https://issues.jboss.org/browse/KEYCLOAK-5927
You reported the bug and you know where the issue is. Cool. Maybe
you could also send PR to fix it? :)
Yep I was thinking about that. I could implement the same approach I'm
using in BeerCloak, but only if I were sure I'm not doing it in an
obsolete/deprecated way. I've heard that authorization for REST admin
resources has been revamped recently; could you please take a look at
BeerCloak just to make sure I'm doing it the right way?
Thanks,
Dmitry