[keycloak-dev] rename client templates to scope?

Stian Thorgersen sthorger at redhat.com
Thu Sep 28 03:35:27 EDT 2017


Interesting. So client templates could become a very flexible thing that
covers many uses. So one single concept could cover:

* Templates as today
* Scope
* Namespaces

I like the idea, but the devil is in the details. How would it end up
looking. Would it be easy to use.

On 27 September 2017 at 19:38, Bill Burke <bburke at redhat.com> wrote:

> Maybe want to allow client scopes to define their own roles too.  Then
> we have a role namespace as well.  Could even think about removing
> realm roles if we do this.
>
> On Tue, Sep 26, 2017 at 3:24 AM, Stian Thorgersen <sthorger at redhat.com>
> wrote:
> > Interesting idea. That might just work and be a nice and easy way to add
> > proper support for OAuth/OIDC scope.
> >
> > On 25 September 2017 at 17:11, Bill Burke <bburke at redhat.com> wrote:
> >>
> >> This is something for 4.0
> >>
> >> Was thinking that we should rename Client Templates to Client Scopes.
> >> For oauth, oidc, and token exchange client asks for a specific scope
> >> with the "scope" parameter.  This "scope" parameter would be the name
> >> of a client-id or a client scope (formerly client emplates.  Clients
> >> will be granted access to scopes in the admin console.  Probably
> >> through authz services.
> >>
> >>
> >>
> >> --
> >> Bill Burke
> >> Red Hat
> >> _______________________________________________
> >> keycloak-dev mailing list
> >> keycloak-dev at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >
> >
>
>
>
> --
> Bill Burke
> Red Hat
>


More information about the keycloak-dev mailing list