[keycloak-user] resource ids
Pedro Igor Silva
psilva at redhat.com
Thu Jun 27 10:05:00 EDT 2019
Not at all. Feel free to participate in any discussion :)
The name attribute is unique for a client+owner basis.
The unicity of ids is important as we have optimizations around it. In the
future, we are planning to make two main enhancements to resource mgmt:
* Resource-less Evaluation, so that you don't actually need to manage
resources in Keycloak in order to evaluate policies. This can be done today
using a single resource and a JS policy though, but we can provide
something better.
* Resource SPI, so that you can plug your resource store instead of using
Keycloak internal database
On Thu, Jun 27, 2019 at 10:47 AM Marek Lindner <mareklindner at neomailbox.ch>
wrote:
> Hi Pedro,
>
> > One of the main reasons to allow setting the ID is to make easier to map
> > resources managed by Keycloak to those you are protecting in your app.
> >
> > The IDs must be unique.
>
> apologies for jumping in here - if the IDs must be unique why is the name
> also
> required to be unique ? The APIs appear to be referencing the IDs only and
> the
> name is just an attribute to the resource ?
>
> Thanks,
> Marek
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list