[keycloak-user] Set which user can authenticate at which client

[Remko Lodder]

Hi,

I am new to Keycloak and first of all I would like to thank you and all contributors for all your hard work.
I have little experience with Keycloak and it’s usage so please put me on the correct track in case I am off :-)

So: For a customer and my own environment I am implementing Keycloak. I am consolidating our users in one
Realm and have added a multitude of clients (both saml as oidc). I would like to be able to place selectors on users
when importing them or setting it manually, that someone has access to for example gitlab. I found that Okta has
probably want I am looking for described here:

https://help.okta.com/en/prod/Content/Topics/Directory/group-assign-app.htm <https://help.okta.com/en/prod/Content/Topics/Directory/group-assign-app.htm>

Now, is there something like that also in Keycloak? I would like users to be part of a group, or role, or whatever
and that way control who has access where, without needing to fiddle with the application on the back (I can do
that for targetting specific roles, like admin, manager, read-write, read-only, etc).

I was not able to find something similar .. so probably I overlooked it or didn’t understand the documentation :-)

Any pointers/suggestions/this is not an option right now?

Thanks & Again, thank you all,
Remko
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20190623/7c56f7ba/attachment.bin