[keycloak-user] resource ids
Corentin Dupont
corentin.dupont at gmail.com
Thu Jun 27 04:26:36 EDT 2019
Hi guys,
I discovered that you can provide your own id when creating resources:
curl -X POST "
http://localhost:8080/auth/realms/waziup/authz/protection/resource_set" -H
"Authorization: Bearer $CLIENTTOKEN" -H "Content-Type: application/json" -d
'{*"_id": "123-456"*, "type": "test", "name":"test",
"scopes":["sensors:create","sensors:view","sensors:update","sensors:delete"],"owner":"cdupont",
"ownerManagedAccess": true}'
This is very practical for synchronizing the resources with my own database.
After some investigation, I found:
- the ID should be unique
- the name should be unique
Is that correct? The resource type is not used in the unicity.
In my application database, resources with different types are stored in
different collections, so two resources with different types *can* have the
same ID.
How do you suggest to solve this in Keycloak? Providing a keycloak ID of
the form <type>-<ID> for example? e.g. sensor-123 and project-123 would not
collide.
Cheers
More information about the keycloak-user
mailing list