[keycloak-user] Application Management
Alex Gouvêa Vasconcelos
alexgv99 at gmail.com
Mon Mar 23 16:31:17 EDT 2015
We found a Jira about the same issue we talked about [1]. We are available
to help implementing that feature, but we barely know about the keycloak
implementation.
Our current idea is to create the app-admin role when the application is
created in the realm. We would display a widget in the Application > <app
name> > Roles > <role name> screen to allow the app-admin to assign the
given role to users.
As for the schema, we're not sure how to store the "app-admin" information.
We provisionally thought about a boolean field stating whether the role is
the admin role of the app associated, but input here would be very welcome.
In short, if someone could provide some guidance on this sort of issues,
we're more than happy to provide some code.
[1] https://issues.jboss.org/browse/KEYCLOAK-1032
<https://www.google.com/url?q=https%3A%2F%2Fissues.jboss.org%2Fbrowse%2FKEYCLOAK-1032&sa=D&sntz=1&usg=AFQjCNEK2x-tAD1jkyPxJsedeAGDWKI7BA>
Cordialmente.
Alex Gouvêa Vasconcelos
mailto:alexgv99 at gmail.com
MSN: alexgv99 at hotmail.com
http://about.me/alexgv99
2015-03-23 12:06 GMT-03:00 Bill Burke <bburke at redhat.com>:
> So, you have an "application admin", and you want this admin to only be
> able to add permissions for that app for a specific user? You'll have
> to submit a JIRA for that. Our queue is very large right now, so I
> can't promise much.
>
> On 3/23/2015 10:55 AM, Alex Gouvêa Vasconcelos wrote:
> > Hi all...
> >
> > We started using keycloack a few weeks ago, trying a SSO solution for
> > our company. We used to use a proprietary system for
> > authentication/authorization and our users have a console admin which
> > allow them to manage users and roles per application.
> > We tried doing that in keycloack but the only way we found to do
> > something similar to that, was giving realm-management rights to the
> > application admin. This was not what we were trying to do, because those
> > rights allow the admin of app1 give permission to users of app2.
> >
> > We found another user of this forum with a similar question in february
> > archives... [1] but the answer did not specify if this is in future
> > plans. If not, is there any help we could count on to implement
> ourselves?
> >
> > [1]
> http://lists.jboss.org/pipermail/keycloak-user/2015-February/001540.html
> >
> > Best regards.
> > Alex Gouvêa Vasconcelos
> > mailto:alexgv99 at gmail.com <mailto:alexgv99 at gmail.com>
> >
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150323/2eb1849b/attachment-0001.html
More information about the keycloak-user
mailing list