[keycloak-user] Keycloak Groups vs. Roles vs. Composite Roles vs. Auth Scope?
Melissa Palmer
melissa.palmer at gmail.com
Fri Oct 26 05:11:13 EDT 2018
Hi,
*Is it possible to explain the difference between "Keycloak Groups vs.
Roles vs. Composite Roles vs. Auth Scope" more detail? *
*I know there is the description here: *
https://www.keycloak.org/docs/latest/server_admin/index.html#groups-vs-roles
*From that I get *
- Groups should focus on collections of users and their roles in your
organization (Use groups to manage users. ). ☑
- Use composite roles to manage applications and services. ☑
- BUT previously said "Roles define a type of user and applications assign
permission and access control to roles"
& I don't see where you should maintain "access control to roles"
In other examples I see scopes being used for access control
- album:view
- album:delete
Some more explanation on these different concepts would be greatly
appreciated.
Thank You in Advance
Melissa
More information about the keycloak-user
mailing list