[keycloak-user] 403 Forbidden error when trying to access realm admin console in 4.7.0
Geoffrey Cleaves
geoff at opticks.io
Sat Dec 22 17:00:07 EST 2018
When I was messing with granular permissions recently I had to give the
view-realm role in order to log into the Admin Console.
On Fri, Dec 21, 2018, 19:29 Mandy Fung <mandy.fung at tasktop.com wrote:
> Hello,
>
> We've recently upgraded from 4.5.0 to 4.7.0 and users can no longer access
> the dedicated realm admin console (/auth/admin/{realm}/console) with the
> same realm-management roles that they had in 4.5.0.
>
> We only want our admin users to manage users and groups and in 4.5.0 we
> were able to assign the following roles to our admin users such that only
> the "Manage > Groups" and "Manage > Users" tab show up in the realm admin
> console: 'manage-users', 'query-groups', 'query-users', and 'view-users'.
>
> However, with the new upgrade to 4.7.0 these admin users with the same
> realm-management roles assigned can no longer access the realm admin
> console and they see a 403 Forbidden error page.
>
> Has anyone run into this issue recently or if there are some new realm
> management roles added in 4.7.0 that we need to re-configure?
>
> Best regards,
> Mandy
>
> --
>
>
> *Mandy Fung **|* Software Engineer 1 *| *Tasktop
>
> *email: *mandy.fung at tasktop.com
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list