1:28 a.m.
Hi!
I have two similar use cases that both would benefit from the policy provider SPI.
In one use case there's an external authorization service with its own database that
I'd like to keep, but I'd also like to use Keycloak as a frontend to get a
standardized way of performing authorization. One way to achieve this would be to write a
custom policy provider SPI that fetches what it needs from the external database.
Similarly there's another datastore that has authorization information in a
non-relational database, that I'd also like to be able to use to make authorization
decisions.
1. Before I go any further down this path - according to
KEYCLOAK-4901<https://issues.jboss.org/browse/KEYCLOAK-4901> the policy provider SPI
is supported now, but I can't find anything in the official docs. Is it (still)
supported?
Best regards,
Vegard
7:39 a.m.
Hi Vegard,
Community wise, you are free to use it. As you noticed we are missing docs
and examples about how to use it.
We have quite a few examples in Keycloak codebase that you can use as a
guideline to implement your own policy provider.
I can also help you with this implementation and update docs accordingly.
We can discuss more here https://issues.jboss.org/browse/KEYCLOAK-9254.
Regards.
Pedro Igor
On Thu, May 16, 2019 at 3:30 AM Vegard Vaage <vegard.vaage(a)evry.com> wrote:
Hi!
I have two similar use cases that both would benefit from the policy
provider SPI.
In one use case there's an external authorization service with its own
database that I'd like to keep, but I'd also like to use Keycloak as a
frontend to get a standardized way of performing authorization. One way to
achieve this would be to write a custom policy provider SPI that fetches
what it needs from the external database.
Similarly there's another datastore that has authorization information in
a non-relational database, that I'd also like to be able to use to make
authorization decisions.
1. Before I go any further down this path - according to KEYCLOAK-4901<
https://issues.jboss.org/browse/KEYCLOAK-4901> the policy provider SPI is
supported now, but I can't find anything in the official docs. Is it
(still) supported?
Best regards,
Vegard
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2517
days inactive
2517
days old
1 comments
2 participants
participants (2)
-
Pedro Igor Silva -
Vegard Vaage