[keycloak-dev] Release status
Bill Burke
bburke at redhat.com
Wed Apr 1 10:32:25 EDT 2015
On 4/1/2015 10:29 AM, Stian Thorgersen wrote:
>
>
> ----- Original Message -----
>> From: "Bill Burke" <bburke at redhat.com>
>> To: "Stian Thorgersen" <stian at redhat.com>
>> Cc: keycloak-dev at lists.jboss.org
>> Sent: Wednesday, 1 April, 2015 4:22:42 PM
>> Subject: Re: [keycloak-dev] Release status
>>
>> No, I don't. I"ll look into it after I finish this one thing.
>>
>> Probably should be implemented differently anyways. Token exchange
>> service should be an application with a role that can be assigned to
>> user or applied via a protocol mapper.
>
> Yes, token exchange service as app and role sounds much better. That would let you control what users (role-mapping) and apps (scope) that are allowed to access it. Would also work with existing grant features if an "oauth client" request access. Shame we don't have time to change it now, as it'll probably be a bit of work?!
>
Can't be done by tomorrow. Should I just disable the identity provider
tab until we do this? Or are users asking for access to external tokens?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list