[keycloak-dev] [authz] Roles as first class citizens
Bill Burke
bburke at redhat.com
Sat Apr 1 09:11:36 EDT 2017
I find creating role policies as cumbersome. Also, how is the admin
supposed to know if a policy with a specific role has already been
created or not? Maybe policies can have DENY and PERMIT role lists.
when creating permissions you can just pick roles to add/remove to the
permission. I think the most used, most common case (90% of the time?)
will be assigning role permissions to resources so we should make it as
easy as possible. Both within the admin UI and APIs. Thoughts?
Bill
More information about the keycloak-dev
mailing list