[keycloak-user] Limiting the admin REST API
Bystrik Horvath
bystrik.horvath at gmail.com
Fri Nov 27 05:08:39 EST 2015
Hello everyone,
I would like to limit the functionality of the admin REST API to the
calling user/application.
The motivation is not to expose the "internals" of keycloak and put some
logic between the calling app and admin REST API.
My idea was to create a simple web application deployed at keycloak server
that belongs to the same realm as calling application and realm management
application.
Would you recommend that approach? Or is there anything more suitable
(e.g.: implement it as a keycloak valve... etc.)?
Thank you for your opinions.
Best regards,
Bystrik
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151127/dde67ae1/attachment.html
More information about the keycloak-user
mailing list