[keycloak-user] default permissions

Corentin Dupont corentin.dupont at gmail.com
Sun Nov 12 15:50:15 EST 2017


Hi Pedro,
I don't really have public/private paths in the API.
Some resources under those paths can be either public or private, however.
For instance, a URL would look like this:

www.example.com/api/v1/cities/rome/houses

I would like some cities to be accessible by everybody without a token,
while some others will be private and require an auth token and specific roles
to be accessed.

Thanks!


On Fri, Nov 10, 2017 at 11:33 AM, Pedro Igor Silva <psilva at redhat.com>
wrote:

> Hi,
>
> I think you could probably change your application and remove the
> resources/paths you want to make public from the list of resources
> protected by the adapter.
>
> On Thu, Nov 9, 2017 at 2:06 PM, Corentin Dupont <corentin.dupont at gmail.com> wrote:
>
>> Another question: how to apply default authorizations?
>>
>> I want to protect my API with authorization in Keycloak. However some
>> resources should be open to the public, accessible without any bearer
>> token.
>> My idea was:
>> - create an "unregistered_user" composite role, containing some basic
>> roles
>> - create a "guest" user, with the unregistered_user role
>> - on the API server, if there is no token in the request I will get the
>> roles of the guest user and use them. If there is a token, I'll use that
>> user's permissions.
>> What do you think of that process?
>>
>> Thanks
>
>
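Added example, not part of the original thread or of Keycloak: a sketch of the per-resource decision discussed above, where a request without a token gets the guest role set and a request with a token gets that token's realm roles. The role names, the policy table and the `authorize` helper are hypothetical, and `claims` is assumed to come from an access token whose signature and expiry were already verified.

```python
from typing import Optional

# Hypothetical role set of the "guest" user (the unregistered_user composite role).
GUEST_ROLES = frozenset({"view_public_cities"})

# Constructed policy table: roles that grant access to each city's resources.
# A city is "public" when a guest role is enough to reach it.
CITY_REQUIRED_ROLES = {
    "rome": {"view_public_cities"},   # public
    "milan": {"view_milan"},          # private
}


def effective_roles(claims: Optional[dict]) -> frozenset:
    """Roles used for the decision.

    claims is None  -> no bearer token was sent, fall back to guest roles.
    claims is a dict -> verified token claims; realm roles are read from
                        the realm_access.roles claim of the access token.
    """
    if claims is None:
        return GUEST_ROLES
    return frozenset(claims.get("realm_access", {}).get("roles", []))


def authorize(city: str, claims: Optional[dict]) -> int:
    """Return the HTTP status for GET /api/v1/cities/<city>/houses."""
    required = CITY_REQUIRED_ROLES.get(city)
    if required is None:
        return 404                    # unknown city: nothing is exposed by default
    if required & effective_roles(claims):
        return 200
    # Anonymous callers are asked to authenticate; authenticated callers
    # that lack the role are refused.
    return 401 if claims is None else 403


if __name__ == "__main__":
    member = {"realm_access": {"roles": ["view_milan"]}}  # constructed claims
    for city, claims in [("rome", None), ("milan", None), ("milan", member)]:
        print(city, "token" if claims else "no token", authorize(city, claims))
```

As in the process described in the thread, a token holder gets only the token's own roles, so an authenticated user without `view_public_cities` is refused on a public city unless that role is also granted to registered users.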

