Re: [keycloak-user] Policy Enforcer in Spring Security Adapter

Илья Король wrote Both, all resources are defined in the keycloak.json (methods paths) and also as resources in the keycloak server Илья Король wrote You are right, I am using UMA protocol but it should also works with Entitlement. Илья Король wrote I configured the client as confidential. Илья Король wrote Methods and associated scopes are configured in the keycloak.json only. Resources, scopes and associated policies are defined in keycloak. A small extract from the conf : keycloak.json : { "realm": "...", "resource": "backend", ... "bearer-only": true, ... "policy-enforcer": { "create-resources":false, "user-managed-access": { }, "enforcement-mode": "ENFORCING", "paths": [ { "path": "/yourMethod", "methods": [ { "method": "POST", "scopes": [ "urn:app:scopes:create" ] }, ... } ] } } realm authz json : { "allowRemoteResourceManagement": true, "policyEnforcementMode": "ENFORCING", "resources": [ { "name": "My Resource", "uri": "/myMethod", "scopes": [ { "name": "urn:app:scopes:create" }, ... }], "policies": [...your policies], "scopes": [ { "name": "urn:app:scopes:create" }, ... ] -- View this message in context: http://keycloak-user.88327.x6.nabble.com/keycloak-user-Policy-Enforcer-in... Sent from the keycloak-user mailing list archive at Nabble.com.