[keycloak-user] Permission request with no resources

Pedro Igor Silva psilva at redhat.com
Fri Aug 16 07:23:08 EDT 2019


Hi Corentin,

Do you have permissions that grant access to that scope? IIRC, the engine
also processes scope-only permissions with no resources if you have
permissions granting access to it.

On Tue, Aug 13, 2019 at 2:01 PM Corentin Dupont <corentin.dupont at gmail.com>
wrote:

> Hi all,
> I find strange a little thing in the permissions API.
> If I request permissions with some resources in my client, it works well:
>
> $ curl -X POST
> http://localhost:8080/auth/realms/waziup/protocol/openid-connect/token -H
> "Authorization: Bearer $USERTOKEN" -d
>
> "grant_type=urn:ietf:params:oauth:grant-type:uma-ticket&audience=api-server&permission=#gateways:view&response_mode=permissions"
>
> The response is:
>
>
> [{"scopes":["gateways:update","gateways:view","gateways:delete"],"rsid":"gateway-GW1","rsname":"GW1"}]
>
> However, If I request permissions when there is no resources at all in my
> client:
>
> [{"scopes":["gateways:view"]}]
>
> Why not the empty list?
>
> Thanks a lot and good vacations!
> Corentin
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>


More information about the keycloak-user mailing list