Hi guys,
any idea on that? By the way, how to retrieve permissions based on the
resource type using the API?
I see no options to do that in the current API.
For instance in this request:
curl -X POST \
http://${host}:${port}/auth/realms/${realm}/protocol/openid-connect/token \
-H "Authorization: Bearer ${access_token}" \
--data "grant_type=urn:ietf:params:oauth:grant-type:uma-ticket" \
--data "audience={resource_server_client_id}" \
--data "permission=Resource A#Scope A" \
--data "permission=Resource B#Scope B"
Where should I specify the resource type?
On Sat, May 4, 2019 at 4:01 PM Corentin Dupont <corentin.dupont(a)gmail.com>
wrote:
Hi guys,
I noticed that when I use "Resource type" permissions ("Apply to Resource
Type" is checked), only the resources that belong to the client are
returned. Resources that belong to users will not be returned.
Basically, I created 2 resources with the API: one belonging to the
client, one to a user.
I then evaluate my permissions, with "Apply to Resource Type" on. Only the
resource belonging to the client will be returned.
Why is that?
If my resources need to belong to the client, how to manage ownership
policies? Should I use Resource Attributes for that?
Furthermore, I think UMA will not work anymore if the owner of the
resource is the client?
Thanks a lot!
Corentin