[keycloak-user] Keycloak to set up Teams and Organizations
Tim Dudgeon
tdudgeon.ml at gmail.com
Wed Oct 14 10:53:18 EDT 2015
The use case for me is to use multiple realms for authentication (e.g.
one realm for each organisation) that can access a single application
using a common set of roles.
Its sort of discussed from a different perspective on the apiman list here:
http://lists.jboss.org/pipermail/apiman-user/2015-October/000361.html
Tim
On 14/10/2015 15:34, Bill Burke wrote:
> No, we are not creatin "global" groups and roles. use case please?.
> We're trying to keep realms isolated from one another.
>
> On 10/14/2015 7:29 AM, Tim Dudgeon wrote:
>> The scope of this is presumably groups within an individual realm?
>> Is there any possibility for "global" groups and roles that can span
>> multiple realms?
>>
>> Tim
>>
>> On 13/10/2015 17:18, Bill Burke wrote:
>>> You just want something like github groups? List your requirements.
>>>
>>> I am starting on Groups next week after 1.6 goes out.
>>>
>>> On 10/13/2015 9:11 AM, Subhrajyoti Moitra wrote:
>>>> Thanks Stian for the update. any more details about this group feature,
>>>> if you can pl share?
>>>> We are using composite roles currently to manage "business groups".
>>>> Since the group definitions are fixed and mutually exclusive, we are
>>>> able to manage it with composite roles.
>>>>
>>>> Regards,
>>>> Subhro.
>>>>
>>>> On Tue, Oct 13, 2015 at 4:39 PM, Stian Thorgersen <sthorger at redhat.com
>>>> <mailto:sthorger at redhat.com>> wrote:
>>>>
>>>> We are also planning on introducing groups soon. Users will be able
>>>> to belong to one or more groups and a group can have roles and/or
>>>> attributes associated with it.
>>>>
>>>> On 13 October 2015 at 12:58, Subhrajyoti Moitra
>>>> <subhrajyotim at gmail.com <mailto:subhrajyotim at gmail.com>> wrote:
>>>>
>>>> I think u can investigate composite-roles for the same.
>>>> http://keycloak.github.io/docs/userguide/html/roles.html#d4e2207
>>>>
>>>> The composite-roles can be client specific roles re-presenting
>>>> your organizations, and keycloak roles can be the actual
>>>> "business roles" under these composite roles.
>>>>
>>>> HTH.
>>>> Subhro.
>>>>
>>>> On Tue, Oct 13, 2015 at 4:13 PM, Kunal K <kunal at plivo.com
>>>> <mailto:kunal at plivo.com>> wrote:
>>>>
>>>> Hi all,
>>>>
>>>> I am setting up an SSO server and i'm evaluating both CAS
>>>> and Keycloak. One of my main requirements is letting users
>>>> have multiple teams and be a part of multiple organizations.
>>>> I'm trying to wrap my head around how to do this in
>>>> Keycloak. Something on the lines of what Github does -
>>>> https://github.com/blog/674-introducing-organizations As an
>>>> evaluation process, I've already created a POC using CAS.
>>>>
>>>> I would really appreciate any pointers on how to do this
>>>> with Keycloak.
>>>>
>>>> Best,
>>>>
>>>> Kunal
>>>>
>>>>
>>>> --
>>>> *KUNAL KERKAR *| PRODUCT ENGINEER
>>>> Plivo, Inc. 340 Pine St, San Francisco - 94104, USA
>>>> Web: www.plivo.com <http://www.plivo.com/> | Twitter: @plivo
>>>> <http://twitter.com/plivo>, @tsudot <http://twitter.com/tsudot>
>>>>
>>>>
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user at lists.jboss.org
>>>> <mailto:keycloak-user at lists.jboss.org>
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
More information about the keycloak-user
mailing list