[keycloak-user] keycloak-gatekeeper + fine-grained authorization
Christian Hügel
mechanix at live.de
Tue May 21 15:30:50 EDT 2019
> On 21. May 2019, at 15:15, Bruno Oliveira <bruno at abstractj.org> wrote:
>
> It seems to me that you're trying to use authorization services with
> Gatekeeper (I can be wrong). If that's the case, unfortunatelly that's
> not supported yet. But certainly something that we might consider in the
> future.
That would be great. We’re somehow managed to do that with roles and scopes.
>
> If I guessed it all wrong, please share how you're configuring
> Gatekeeper.
>
> On 2019-05-21, Tyler Johnson wrote:
>> I'm trying to figure out how to use keycloak-gatekeeper with the
>> fine-grained authorization option in Keycloak.
>>
>> I set up the authorization and ran an evaluation within the Keycloak UI
>> that correctly gave DENY for user 'test', but when I use that same user to
>> log in through gatekeeper, it says it's permitted and directs me to
>> upstream.
>>
>> Is there anything I need to enable on gatekeeper side to have it enforce,
>> or any pointers here?
>>
>> Thanks,
>> Tyler
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> --
>
> abstractj
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list