[keycloak-user] CRUD Using KeyCloak
sthorger at redhat.com
Wed Mar 2 07:10:07 EST 2016
If you have a limited number of screens then it can a good idea to create
roles for these, and you can just create these a client roles using the
admin console or admin endpoints. You can use a delimiter in the role name
to specify the screen (for example 'screen-a/read'. However, if you have a
large number of screens then the roles approach will quickly become
unmanageable and you may be better of using an ACL or something in your
What you are asking for is more often implemented as ACLs rather than RBAC.
RBAC is usually used for things like 'manager' has read/write access to a
group of resources, rather than 'user-a' has read access to 'resource-a'.
On 2 March 2016 at 11:26, Yasser El-ata <yelata at blulogix.com> wrote:
> Hello , i wan't to create CRUD using KeyCloak , i have an angularJS
> application and it's use KeyCloak
> My case is : i have screens in my application that contain sub screens and
> every sub screen contain CRUD roles (CREATE , READ , UPDATE , DELETE) ,
> it's may contain multi levels
> the screenshot may make the case more clear
> the normal client roles is not enough for me or maybe i miss understand
> some thing
> could you please help me how to create these roles in KeyCloak , or if
> KeyCloak is support roles like this or if there is any other way to create
> them ?
> Yasser El-Ata
> Java Developer
> 737 Walker Rd Ste 3, Great Falls, VA 22066
> t: 443.333.4100 | f: 443.333.4101
> *www.blulogix.com <http://www.blueoss.com/>*
> The information transmitted is intended only for the person(s) to whom it
> is addressed and may contain confidential and/or privileged material. Any
> review, retransmission, dissemination or other use of, or taking of any
> action in reliance upon, this information by persons or entities other than
> the intended recipient is prohibited. If you received this in error, please
> contact the sender and delete the material from any computer.
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the keycloak-user