3:14 a.m.
Hello everyone!. According to the documentation, an RPT is just a jwt token
with permission claims. In order to disambiguate between RPT and regular
access tokens, is there any way to do this apart from checking the
existence of these permission claims?. Thanks!.
6:59 a.m.
No, there isn't.
If it helps, if you are using our adapters you are not forced any longer to
send RPTs to your backend in order to enforce access to your resources. Now
you can just send regular access tokens and PEP will take care of
exchanging a RPT and enforce access decisions based on the permissions
granted by the server.
Could you elaborate more what you are trying to achieve?
On Mon, Jun 4, 2018 at 5:14 AM, Juan José Vázquez Delgado <
juanjo.vazquez.delgado(a)tecsisa.com> wrote:
Hello everyone!. According to the documentation, an RPT is just a jwt
token
with permission claims. In order to disambiguate between RPT and regular
access tokens, is there any way to do this apart from checking the
existence of these permission claims?. Thanks!.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2412
days inactive
2412
days old
1 comments
2 participants
participants (2)
-
Juan José Vázquez Delgado -
Pedro Igor Silva