Re: [keycloak-user] [UMA] Submitting Permission Request
Hi,
From a frontend perspective, you get a PT after trying to access a UMA
protected resource for the first time (when lacking the required
permissions). You should be able to obtain it through the WWW-Authenticate
header as described here
https://www.keycloak.org/docs/latest/authorization_services/index.html#_s...
.
But you should also be able to obtain permissions for a resource owner by
just invoking the token endpoint directly as described here
https://www.keycloak.org/docs/latest/authorization_services/index.html#_s...,
as long as the access token you pass (as a bearer, for instance) is
representing the owner as the subject.
On Fri, Nov 15, 2019 at 4:33 PM <sesnor.silva(a)sapo.pt> wrote:
Hello,
I'm trying to implement a frontend interface for requesting
permissions to resource owners, however I'm having trouble
understanding what a "permission_ticket" is.
According to the documentation
(
https://www.keycloak.org/docs/latest/authorization_services/#_service_aut...),
a permission request requires a "ticket=${permission_ticket}" parameter.
How do I obtain this ticket? Can I build it
myself?
The previous section states: "The resource server sends a response
back to the client with a permission ticket and a as_uri parameter
with the location of a Keycloak server to where the ticket should be
sent in order to obtain an RPT." But I'm not sure how I make my
API/Resource Server do this.
Can I request access to a resource owner through any another method?
Thank you,
Silva
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user