[keycloak-user] default permissions

Pedro Igor Silva psilva at redhat.com
Fri Nov 10 05:33:07 EST 2017


Hi,

I think you could probably change your application and remove the
resources/paths you want to make public from the list of resources
protected by the adapter.

On Thu, Nov 9, 2017 at 2:06 PM, Corentin Dupont <corentin.dupont at gmail.com>
wrote:

> Another question: how to apply default authorizations?
>
> I want to protect my API with authorization in Keycloak. However some
> resources should be open to the public, accessible without any bearer
> token.
> My idea was:
> - create an "unregistered_user" composite role, containing some basic roles
> - create a "guest" user, with the unregistered_user role
> - on the API server, if there is no token in the request I will get the
> roles of the guest user and user them. If there is a token, I'll use that
> user permissions.
> What do you think of that process?
>
> Thanks
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>


More information about the keycloak-user mailing list