[keycloak-user] authorizationSettings not in response
Pedro Igor Silva
psilva at redhat.com
Thu Jun 6 09:25:05 EDT 2019
The best I can give you right now (sorry for that) is
https://github.com/keycloak/keycloak/blob/066bef744f50d369012e1cb408b1c89ebf808fd1/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientResource.java#L209
.
>From the AuthorizationResource you have access to everything.
On Thu, Jun 6, 2019 at 10:22 AM Ori Doolman <Ori.Doolman at cyberark.com>
wrote:
> Great. I was looking for that as well. I don't think it is documented.
> How do you manipulate the authorization entities by REST API?
> For example, add a resource or a scope, modify policy etc.
>
>
> -----Original Message-----
> From: keycloak-user-bounces at lists.jboss.org <
> keycloak-user-bounces at lists.jboss.org> On Behalf Of Pedro Igor Silva
> Sent: Thursday, June 6, 2019 3:43 PM
> To: Rafael Tovar. <rafatov10 at gmail.com>
> Cc: keycloak-user <keycloak-user at lists.jboss.org>
> Subject: Re: [keycloak-user] authorizationSettings not in response
>
> Hi,
>
> Please, append the following path to your URI: "
> /authz/resource-server/settings".
>
> Regards.
> Pedro Igor
>
> On Thu, Jun 6, 2019 at 8:41 AM Rafael Tovar. <rafatov10 at gmail.com> wrote:
>
> > Hi everybody,
> > I'm trying to get the authorization settings of a client, but its not
> > coming in the response of the request.
> > This is the request im doing:
> >
> > https://urldefense.proofpoint.com/v2/url?u=http-3A__localhost-3A8080_a
> > uth_admin_realms_master_clients_c8e32bbc-2D72e6-2D4c30-2D827f-2D41ee51
> > 980433_&d=DwICAg&c=E55fojPA83XrPGfndbiaQQ&r=o_QF9VVN9H4LTRTYF8YMPkr6mG
> > Z6BOo1SvoOkvu0tBw&m=DLpa-D1y8zX1Cq0Hewm4RRkmQbD8mMhJa1vurH06wdY&s=9-yp
> > A5J1MC05KhyJ0Wt2UjBualwKUwejLvPXS4JUB0w&e=
> >
> > and this is the response:
> >
> > {
> > "id": "c8e32bbc-72e6-4c30-827f-41ee51980433",
> > "clientId": "api",
> > "surrogateAuthRequired": false,
> > "enabled": true,
> > "clientAuthenticatorType": "client-secret",
> > "redirectUris": [
> > "*"
> > ],
> > "webOrigins": [],
> > "notBefore": 0,
> > "bearerOnly": false,
> > "consentRequired": false,
> > "standardFlowEnabled": true,
> > "implicitFlowEnabled": false,
> > "directAccessGrantsEnabled": true,
> > "serviceAccountsEnabled": true,
> > "authorizationServicesEnabled": true,
> > "publicClient": false,
> > "frontchannelLogout": false,
> > "protocol": "openid-connect",
> > "attributes": {
> > "saml.assertion.signature": "false",
> > "saml.force.post.binding": "false",
> > "saml.multivalued.roles": "false",
> > "saml.encrypt": "false",
> > "saml.server.signature": "false",
> > "saml.server.signature.keyinfo.ext": "false",
> > "exclude.session.state.from.auth.response": "false",
> > "saml_force_name_id_format": "false",
> > "saml.client.signature": "false",
> > "tls.client.certificate.bound.access.tokens": "false",
> > "saml.authnstatement": "false",
> > "display.on.consent.screen": "false",
> > "saml.onetimeuse.condition": "false"
> > },
> > "authenticationFlowBindingOverrides": {},
> > "fullScopeAllowed": true,
> > "nodeReRegistrationTimeout": -1,
> > "protocolMappers": [
> > {
> > "id": "97330e11-24df-40ce-9335-51d5126d4059",
> > "name": "Client Host",
> > "protocol": "openid-connect",
> > "protocolMapper": "oidc-usersessionmodel-note-mapper",
> > "consentRequired": false,
> > "config": {
> > "user.session.note": "clientHost",
> > "id.token.claim": "true",
> > "access.token.claim": "true",
> > "claim.name": "clientHost",
> > "jsonType.label": "String"
> > }
> > },
> > {
> > "id": "9e45c71d-63f9-4d15-a3b2-e8064a569041",
> > "name": "Client ID",
> > "protocol": "openid-connect",
> > "protocolMapper": "oidc-usersessionmodel-note-mapper",
> > "consentRequired": false,
> > "config": {
> > "user.session.note": "clientId",
> > "id.token.claim": "true",
> > "access.token.claim": "true",
> > "claim.name": "clientId",
> > "jsonType.label": "String"
> > }
> > },
> > {
> > "id": "1e3f6604-a22e-4b0b-b5d8-ffaa501c142f",
> > "name": "Client IP Address",
> > "protocol": "openid-connect",
> > "protocolMapper": "oidc-usersessionmodel-note-mapper",
> > "consentRequired": false,
> > "config": {
> > "user.session.note": "clientAddress",
> > "id.token.claim": "true",
> > "access.token.claim": "true",
> > "claim.name": "clientAddress",
> > "jsonType.label": "String"
> > }
> > }
> > ],
> > "defaultClientScopes": [
> > "web-origins",
> > "role_list",
> > "profile",
> > "roles",
> > "email"
> > ],
> > "optionalClientScopes": [
> > "address",
> > "phone",
> > "offline_access",
> > "microprofile-jwt"
> > ],
> > "access": {
> > "view": true,
> > "configure": true,
> > "manage": true
> > }
> > }
> >
> > Thanks,
> > Rafael.
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.jboss.org_m
> > ailman_listinfo_keycloak-2Duser&d=DwICAg&c=E55fojPA83XrPGfndbiaQQ&r=o_
> > QF9VVN9H4LTRTYF8YMPkr6mGZ6BOo1SvoOkvu0tBw&m=DLpa-D1y8zX1Cq0Hewm4RRkmQb
> > D8mMhJa1vurH06wdY&s=ftNZFS0MmIPo6qHQ5UK6NWEyvM23zQzIkjIKnmWtB7I&e=
> >
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
>
> https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.jboss.org_mailman_listinfo_keycloak-2Duser&d=DwICAg&c=E55fojPA83XrPGfndbiaQQ&r=o_QF9VVN9H4LTRTYF8YMPkr6mGZ6BOo1SvoOkvu0tBw&m=DLpa-D1y8zX1Cq0Hewm4RRkmQbD8mMhJa1vurH06wdY&s=ftNZFS0MmIPo6qHQ5UK6NWEyvM23zQzIkjIKnmWtB7I&e=
>
> ----------------------------------------------------------------------
> _______________________________________________
> This e-mail may contain information that is confidential, privileged or
> otherwise protected from disclosure.
> If you are not an intended recipient of this e-mail, do not duplicate or
> redistribute it by any means. Please delete it and any attachments and
> notify the sender that you have received it in error.
>
More information about the keycloak-user
mailing list