[keycloak-user] "Resource type" permissions and ownership

Corentin Dupont corentin.dupont at gmail.com
Sat May 4 10:01:49 EDT 2019


Hi guys,
I noticed that when I use "Resource type" permissions ("Apply to Resource
Type" is checked), only the resources that belong to the client are
returned. Resources that belong to users will not be returned.
Basically, I created 2 resources with the API: one belonging to the client,
one to a user.
I then evaluate my permissions, with "Apply to Resource Type" on. Only the
resource belonging to the client will be returned.
Why is that?
If my resources need to belong to the client, how to manage ownership
policies? Should I use Resource Attributes for that?
Furthermore, I think UMA will not work anymore if the owner of the resource
is the client?

Thanks a lot!
Corentin


More information about the keycloak-user mailing list