Keycloak Spring Boot configuration for client roles

I have a Spring Boot enabled API configured with Keycloak.

keycloak.realm = demo
keycloak.realmKey = yfdsfdiufuydhf
keycloak.auth-server-url = http://localhost:8080/auth
keycloak.ssl-required = external
keycloak.resource = lib-backend
keycloak.bearer-only = true
keycloak.credentials.secret = a9fa2e60-324b-4508-b33d-84be2a981da3
# Keycloak Enable CORS
keycloak.cors = true

keycloak.securityConstraints[0].securityCollections[0].name = spring secured api
keycloak.securityConstraints[0].securityCollections[0].authRoles[0] = lib_sadmin

      

The above code will return the API for the client without any problem. But when I remove the scope role and enable the client role, you get a 403 Forbidden error.

+3




1 answer


If you want to work with client roles, you must add this to your config:



keycloak.use-resource-role-mappings=true

+4
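
Why the setting in the answer matters, as an added example that is not part of the original question or answer: the adapter checks authRoles against realm_access.roles by default and against resource_access.<keycloak.resource>.roles once use-resource-role-mappings is true. The function names, the user "alice" and the token are constructed for illustration, and the payload is decoded for inspection only, without signature verification.

```python
import base64
import json


def b64url(obj):
    """Encode a dict as an unpadded base64url JWT segment."""
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def jwt_claims(token):
    """Decode the payload segment of a JWT (no signature check, inspection only)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))


def effective_roles(claims, resource, use_resource_role_mappings):
    """Role set that authRoles is compared with, depending on the adapter flag."""
    if use_resource_role_mappings:
        client = claims.get("resource_access", {}).get(resource, {})
        return set(client.get("roles", []))
    return set(claims.get("realm_access", {}).get("roles", []))


def http_status(token, resource, auth_roles, use_resource_role_mappings):
    """200 if any required role is in the effective set, otherwise 403."""
    roles = effective_roles(jwt_claims(token), resource, use_resource_role_mappings)
    return 200 if roles & set(auth_roles) else 403


# Constructed access token: lib_sadmin is granted only as a client role of lib-backend.
CONSTRUCTED_CLAIMS = {
    "preferred_username": "alice",
    "realm_access": {"roles": ["offline_access"]},
    "resource_access": {"lib-backend": {"roles": ["lib_sadmin"]}},
}
CONSTRUCTED_TOKEN = ".".join(
    [b64url({"alg": "RS256", "typ": "JWT"}), b64url(CONSTRUCTED_CLAIMS), "signature-omitted"]
)

if __name__ == "__main__":
    for flag in (False, True):
        status = http_status(CONSTRUCTED_TOKEN, "lib-backend", ["lib_sadmin"], flag)
        print(f"use-resource-role-mappings={flag}: HTTP {status}")
```

The flag switches the lookup rather than widening it: with it set to true, a role granted only at realm level no longer satisfies authRoles.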

