i've installed keycloak to secure a software as a service application that
allow users to create scripts they can run as services, for the
authentication part keycloak works like a charm, users are required to
enter a login and I get their roles and everything.
The idea is to let users create services and roles, and assign them to
users, this all works
The issue i'm having is authorization, since i have no knowledge before and
of what services or roles would be created i can't use Security Constrains
on web.xml or annotations.
Since I have the roles I could write a function that does auhorizations,
but would love for keycloak to do it for me, I'm already passing realms to
keycloak as the multi-tenant example, is there any way I could assign urls
to roles I create so keycloak checks where or not I can access that url?
thanks in advance