[keycloak-user] [Authorization] Get user roles from token

Johan Bos johan.bos at c6.eu
Wed Dec 16 09:17:26 EST 2015


Why is HttpRequest.isUserInRole(<role>) not capable to return true when 
the role is present in the AccessToken.getRealmAccess?

Regards,

Johan Bos

Le 16/12/2015 15:09, Bill Burke a écrit :
> AccessToken.getResourceAccess or AccessToken.getRealmAccess
>
> On 12/16/2015 4:51 AM, Tim Dudgeon wrote:
>> Its not clear to me how you get the assigned roles from the AccessToken.
>> For instance, is the realm has configured the user to have roles "user"
>> and "editor" how do I find these in the AccessToken?
>>
>> Tim
>>
>> On 07/12/2015 02:53, Bill Burke wrote:
>>> For Java HttpServletRequest.isUserInRole() works.  If you typecast the
>>> principal to KeycloakPrincipal you can obtain the AccessToken.
>>>
>>> On 12/6/2015 5:39 PM, Pavel Maslov wrote:
>>>> Hi everyone,
>>>>
>>>>
>>>> Do Keycloak adapters support user authorization? I mean, of course they
>>>> do :) For example, the API I have secured with Keycloak receives a
>>>> Keycloak access token from the client. How can I validate the token
>>>> (check user roles) in my code? I am interested in the Java (wildfly) and
>>>> Javascript adapters.
>>>>
>>>> Manually I am using jwt.io <http://jwt.io> to check the token. I am just
>>>> curious if the Keycloak adapters support smth similar out of the box.
>>>>
>>>> Thank you for your answers.
>>>>
>>>>
>>>> Regards,
>>>> Pavel Maslov, MS
>>>>
>>>>
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: johan_bos.vcf
Type: text/x-vcard
Size: 335 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20151216/51fa4244/attachment.vcf 


More information about the keycloak-user mailing list