[keycloak-user] Application Management
Raghu Prabhala
prabhalar at yahoo.com
Mon Mar 23 20:50:39 EDT 2015
+1. Glad that you are willing to pitch in. May I request that an API be provided to add users to this role dynamically?
Regards,Raghu
From: Alex Gouvêa Vasconcelos <alexgv99 at gmail.com>
To: Bill Burke <bburke at redhat.com>
Cc: "keycloak-user at lists.jboss.org" <keycloak-user at lists.jboss.org>; Thiago Addevico Presa <thiago.addevico at gmail.com>
Sent: Monday, March 23, 2015 4:31 PM
Subject: Re: [keycloak-user] Application Management
We found a Jira about the same issue we talked about [1]. We are available to help implementing that feature, but we barely know about the keycloak implementation.
Our current idea is to create the app-admin role when the application is created in the realm. We would display a widget in the Application > <app name> > Roles > <role name> screen to allow the app-admin to assign the given role to users.
As for the schema, we're not sure how to store the "app-admin" information. We provisionally thought about a boolean field stating whether the role is the admin role of the app associated, but input here would be very welcome.
In short, if someone could provide some guidance on this sort of issues, we're more than happy to provide some code.
[1] https://issues.jboss.org/browse/KEYCLOAK-1032
Cordialmente.Alex Gouvêa Vasconcelosmailto:alexgv99 at gmail.com
MSN: alexgv99 at hotmail.com
http://about.me/alexgv99
2015-03-23 12:06 GMT-03:00 Bill Burke <bburke at redhat.com>:
So, you have an "application admin", and you want this admin to only be
able to add permissions for that app for a specific user? You'll have
to submit a JIRA for that. Our queue is very large right now, so I
can't promise much.
On 3/23/2015 10:55 AM, Alex Gouvêa Vasconcelos wrote:
> Hi all...
>
> We started using keycloack a few weeks ago, trying a SSO solution for
> our company. We used to use a proprietary system for
> authentication/authorization and our users have a console admin which
> allow them to manage users and roles per application.
> We tried doing that in keycloack but the only way we found to do
> something similar to that, was giving realm-management rights to the
> application admin. This was not what we were trying to do, because those
> rights allow the admin of app1 give permission to users of app2.
>
> We found another user of this forum with a similar question in february
> archives... [1] but the answer did not specify if this is in future
> plans. If not, is there any help we could count on to implement ourselves?
>
> [1] http://lists.jboss.org/pipermail/keycloak-user/2015-February/001540.html
>
> Best regards.
> Alex Gouvêa Vasconcelos
> mailto:alexgv99 at gmail.com <mailto:alexgv99 at gmail.com>
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150324/52554e21/attachment.html
More information about the keycloak-user
mailing list