[keycloak-user] create-client realm permission

Pedro Igor Silva psilva at redhat.com
Tue Dec 3 12:53:03 EST 2019


Hi David,

We should probably have a JIRA for this one. You basically described the
issue which is the dependency on the manage-clients in particular. Ideally,
we should align the admin console to not only rely on roles as it stands
today but also on the permissions if you have enabled it.

Regards.
Pedro Igor

On Tue, Dec 3, 2019 at 1:41 PM David Sautter <
David.Sautter at rohde-schwarz.com> wrote:

> Hello,
>
> I want to give a group the permission to create clients for themselves,
> but not see and manage a set of other clients, for which they do not have
> permissions. They need to be in the same realm.
>
> I noticed that the “Create Client” button only appears, when the user has
> both the realm roles “manage-clients” & “create-clients”. I would want to
> give him only “query-clients” and “create-clients”, so that he would
> see/edit just a subset of clients plus be able to create a new one for
> himself.
>
> How do I do that?
>
> Mit freundlichen Grüßen/ Best Regards,
> David Sautter
>
> Rohde & Schwarz GmbH & Co. KG
> Postbox 80 14 69, D-81614 Muenchen
> Dept. 1DS5
> Fon: +49 89 4129 15256
> Email: David.Sautter at rohde-schwarz.com<mailto:
> David.Sautter at rohde-schwarz.com>
>
> Der Inhalt dieses E-Mails ist ausschliesslich für den/die beabsichtigten
> Adressaten bestimmt. Es kann Informationen enthalten, die vertraulich
> und/oder rechtlich geschützt sind. Jegliche Ansicht, Weiterleitung,
> Verbreitung oder Nutzung durch andere Personen oder Stellen als durch den
> beabsichtigten Adressaten ist verboten.
> Falls Sie diese E-Mail irrtümlicherweise erhalten haben, informieren Sie
> bitte den Absender und löschen Sie das Datenmaterial von Ihrem Computer.
>
> If you are not the intended recipient of this message, you are hereby
> notified that any dissemination, use or distribution of this message is
> unauthorized and prohibited. Please immediately notify the sender that you
> have received this mes-sage and destroy the original.
> Although this message has been checked for viruses, it is not guaranteed
> to be virus-free. You are strongly advised to perform another virus check
> of any attachment before opening it.
>
> Geschäftsführung / Executive Board: Christian Leicher (Vorsitzender /
> Chairman), Peter Riedel, Sitz der Gesellschaft / Company's Place of
> Business: München, Registereintrag / Commercial Register No.: HRA 16 270,
> Persönlich haftender Gesellschafter / Personally Liable Partner: RUSEG
> Verwaltungs-GmbH, Sitz der Gesellschaft / Company's Place of Business:
> München, Registereintrag / Commercial Register No.: HRB 7 534,
> Umsatzsteuer-Identifikationsnummer (USt-IdNr.) / VAT Identification No.: DE
> 130 256 683, Elektro-Altgeräte Register (EAR) / WEEE Register No.: DE 240
> 437 86
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user


More information about the keycloak-user mailing list