I need one use case on authorization. There are 2 groups. Users of both group have an aceess of role incident-user. I want to design a policy for an incident resource. User of each group can view and update a ticket for their groups only. How to achieve it
I only watch this till 5 minutes but I smell something wrong on the first diagram. The browser shouldn't hold any tokens and the one that should hold the access token is a client server
Thanks for this video. You can do this without changing anything from master realm, but this is a bit hidden : Select the client from your realm -> service account roles -> assign roles -> Filter by clients -> You can assign manage-users. If you don't see it, increase the number of items per page.
I can't change the attribute "enabled" sendind a request from Spring Boot to the Rest Api of Keycloak. What should I take into account to do it? When I use Postman, everything is fine, but in my code I can only get access token and I can't send request to Rest Api, it returns 401 error.
you say use it in the master realm, but a realm is specified for each application, so how would one add a user using another realm then the master realm?
hi. thanks for great tutorial. I have enabled remember-me and login with remember-me checkbox selected. It has successfully logged in and worked normally. but when i close browser and open again it returns 502 from keycloak auth url, although it is supposed to relogin and sustain session. It seems when browser restart it deletes AUTH_SESSION_ID and AUTH_SESSION_ID_LEGACY from cookies. it works when i manually add these parameters to auth url.
Your content demonstrating how to use Keycloak's Admin REST API via Oauth2/OIDC Client Credentials flow to perform admins tasks (like create a realm user) is one of the most updated an complete practical explanations available out there. Congratulations Arthur! I'm happy to be your channel new subscriber :)
You have to activate it in Client Settings > Capability config . Activate Client authentication and authorization to be able to access the authorization tab
Excellent video on such a complicated topic. Kudos and thankyou for sharing. I have a question, is there any resource/video on how can a backend API to consume and enforce role, permission, policy and resources as defined in keycloak ? I would highly applreate any help/links/resources on this topic, preferrably with javascript backend apis if possible. Have a great day
great video, I have a question. We want to create a webapp (AUTH powered by Keycloak), and I wanted to check and know if it would be possible to create new roles and users from our frontend application in keycloak ? What would be required on frontend application to be able to do so ? Super thankyou, god bless you