[keycloak-user] Users spanning across realms
Bill Burke
bburke at redhat.com
Fri Nov 7 16:02:57 EST 2014
Have one realm. Have multiple applications, each defining their own
role set.
On 11/7/2014 9:21 AM, Gary Brown wrote:
> Hi
>
> As mentioned in previous post, I'm looking at how to leverage KeyCloak within the Overlord governance projects.
>
> I can see how our web UIs and REST services could be defined within a single realm, with the appropriate roles, users and user/role mappings. However if we wanted to build some apps that made use of other JBoss projects, that also used KeyCloak, but with their own realms, then how would a user be defined to use our app that may at the backend need to call services provided by other projects/realms?
>
> Wondering whether the user concept needs to be defined outside of a realm, so that it could be assigned roles within a number of realms, allowing them to access the various apps in those different domains?
>
> More of a conceptual discussion, rather than an actual problem at this stage - was more curious how it could work, as not a security expert.
>
> Regards
> Gary
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-user
mailing list