[keycloak-user] Atrributes in resources into Keycloak Authorization services
Thiago Presa
thiago.addevico at gmail.com
Mon Jan 22 06:51:50 EST 2018
Hi,
We're looking into Keycloak Authorization services, but currently, we can't
get our heads around configuring in Keycloak a policy the following
authorization requirement:
Suppose we have a corporate Google-docs-like app, where every document has
a clearance level (e.g. confidential, internal, public). Every user has its
own permission level, which indicates whether the user is allowed to access
confidential, internal or public documents.
Could you please advise as to how to implement such requirements into
Keycloak Authorization services?
Assuming this isn't currently supported, a simple solution seems to be
implementing the ability to set resource attributes and make them available
to policy construction. Would you be considering implementing such approach
(or any other)?
Best regards,
Thiago Presa
More information about the keycloak-user
mailing list