[keycloak-user] Status of PolicyProvider SPI for authorization

Vegard Vaage vegard.vaage at evry.com
Thu May 16 02:28:14 EDT 2019


Hi!

I have two similar use cases that both would benefit from the policy provider SPI.

In one use case there's an external authorization service with its own database that I'd like to keep, but I'd also like to use Keycloak as a frontend to get a standardized way of performing authorization. One way to achieve this would be to write a custom policy provider SPI that fetches what it needs from the external database.

Similarly there's another datastore that has authorization information in a non-relational database, that I'd also like to be able to use to make authorization decisions.

1.     Before I go any further down this path - according to KEYCLOAK-4901<https://issues.jboss.org/browse/KEYCLOAK-4901> the policy provider SPI is supported now, but I can't find anything in the official docs. Is it (still) supported?

Best regards,
Vegard



More information about the keycloak-user mailing list