[keycloak-dev] Additional methods to Policy Evaluation API
Pedro Igor Silva
psilva at redhat.com
Wed Mar 14 14:36:09 EDT 2018
Hi,
Users have been asking for additional methods in the Evaluation API in
order to query the realm for additional information about users such as
group membership, roles, etc. The main requirement is to allow query these
information not only for the user trying to access a resource but any other
user, including owners of resources, from a realm.
For that, I've added a new interface [1] from which policies can query
these information.
I think that would give a lot more flexibility for those writing policies
in Keycloak using JS or Drools.
The corresponding JIRA is https://issues.jboss.org/browse/KEYCLOAK-6628.
[1]
https://github.com/keycloak/keycloak/pull/5077/files#diff-136248257141060854b90ccbd9a8645a
Regards.
Pedro Igor
More information about the keycloak-dev
mailing list