Essentially I want lock down permissions on a new client that has the ability to create users (ie service account / client credentials flow) and authenticate them (ie, password flow), but little else. Now, this fine tuning on the existing roles for individual clients seems available for 3.3 but I'm wondering if there's a way to achieve the same thing in 2.5? http://www.keycloak.org/docs/3.3/server_admin/topics/admin-console-permis... Cheers