Keycloak set group as resource owner

I am new to keyclay and am trying to use it as an auth server in my solution.

I have the following entity model: devices are owned by a specific company that owns multiple users . A user with a role administrator can grant permission to view a certain set of devices for a standard user, but only for those devices that belong to the administrative company. This way, all users except admins can only view a subset of all devices in the company. Based on the requirements, I decided to make the company a group and devices as keycloak resources . For evaluating permissions, I chose a rules-based policy.

Question: can I set a group as the owner of a resource to validate this relationship in a policy?

If anyone is more experienced with keyclay and knows how to best represent such a model, please help.

Thanks in advance.

+3

authorization abac keycloak

Kirill Liubun June 29. 17 at 13:37

source to share

No one has answered this question yet

Check out similar questions:

ten

How to implement JavaScript Group Policy in Keycloak

five

Resources, scopes, permissions and policies in keycloak

0

Limiting available groups for a specific user in keycloak

0

How to enforce route permission using Keycloak-connect.js

0

keycloak - How to create a policy to allow a client based on their HTTP request?

0

KeyCloak restricting user management to specific groups while enabling "control users"

0

It looks like key-mind tickets for service accounts are not working with policies

0

Keycloak - Resource Role

0

How to configure group policies about keycloak

0

Spring Boot 2 and Keycloak Authorization: Implementing a Simple REST API

All Articles