Hi Gerard,     Right now, AuthZ Services are heavily based on OAuth2+OIDC. Right now, you can only use it when your apps are talking OIDC.     Beside that, our enforcers are only enabled for - some - OIDC adapters such as: undertow, wildfly, tomcat and eap.     The reason why we started with OIDC is that it fits better with the Authorization API and most use cases around API security. Can you open a JIRA, please ? I'm going to talk with @Stian about it and see when we are able to enable authz to SAML. Regards. Pedro Igor On 11/22/2016 9:29:25 AM, Gerard Laissard <glaissard(a)axway.com&gt; wrote: HI, Our applications (resource servers) are using SAML to authenticate users with Keycloak. We would like to use authorization services. Authorization service can be activated on OIDC clients, will it be possible to activate authorization service on SAML client ? Is there any way to use authz with a SAML client ? Thanks Gerard _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user