[keycloak-user] Status of PolicyProvider SPI for authorization
Pedro Igor Silva
psilva at redhat.com
Thu May 16 08:39:44 EDT 2019
Hi Vegard,
Community wise, you are free to use it. As you noticed we are missing docs
and examples about how to use it.
We have quite a few examples in Keycloak codebase that you can use as a
guideline to implement your own policy provider.
I can also help you with this implementation and update docs accordingly.
We can discuss more here https://issues.jboss.org/browse/KEYCLOAK-9254.
Regards.
Pedro Igor
On Thu, May 16, 2019 at 3:30 AM Vegard Vaage <vegard.vaage at evry.com> wrote:
> Hi!
>
> I have two similar use cases that both would benefit from the policy
> provider SPI.
>
> In one use case there's an external authorization service with its own
> database that I'd like to keep, but I'd also like to use Keycloak as a
> frontend to get a standardized way of performing authorization. One way to
> achieve this would be to write a custom policy provider SPI that fetches
> what it needs from the external database.
>
> Similarly there's another datastore that has authorization information in
> a non-relational database, that I'd also like to be able to use to make
> authorization decisions.
>
> 1. Before I go any further down this path - according to KEYCLOAK-4901<
> https://issues.jboss.org/browse/KEYCLOAK-4901> the policy provider SPI is
> supported now, but I can't find anything in the official docs. Is it
> (still) supported?
>
> Best regards,
> Vegard
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list