[keycloak-dev] offline access permission incorrect?
Stian Thorgersen
sthorger at redhat.com
Tue Apr 3 05:21:05 EDT 2018
+1
On 3 April 2018 at 00:16, Bill Burke <bburke at redhat.com> wrote:
> To enable offline access the user must have the offline access role
> and the client must have that role in its scope...
>
> This just doesn't seem right to me. IMO, this shouldn't be something
> you assign permission to a user. Its solely a client permission and
> should not be something role-based. Instead the client should be
> marked as allowing to ask for offline access and whether or not the
> client must ask consent for this.
>
> --
> Bill Burke
> Red Hat
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
More information about the keycloak-dev
mailing list