[keycloak-dev] Introduce role attributes
Stian Thorgersen
sthorger at redhat.com
Mon Jul 16 14:26:40 EDT 2018
I don't think we should add attributes to roles. It would introduce
complexity and also potentially have performance/memory impacts.
I also struggle to see how you would use attributes associated with roles.
Are you thinking that would be mapped into the token together with the role
name?
On Tue, 3 Jul 2018 at 07:37, Lösch, Sebastian <
Sebastian.Loesch at governikus.de> wrote:
> Hi developers,
>
> we are currently setting up a project using keycloak and need to model:
> - representative roles, i.e. roles that are given temporarily from one
> user to another e.g. in holiday times
> - roles contain entitlements on business objects
>
> The current role object in keycloak is not sufficent for our use cases.
> Searching for a solution I stumbled over
> https://issues.jboss.org/browse/KEYCLOAK-961
> Introducing role attributes would solve my challenges. Also this fits well
> in the keycloak data model, as there are already user attributes, group
> attributes, realm attributes.
>
> So I would like to add role attributes to keycloak in the style of group
> attributes.
> What do you think?
>
> Best regards,
> Sebastian
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
More information about the keycloak-dev
mailing list