Keycloak authorization: CRUD Authorization Policies, Permissions via API

问题

In Keycloak I see there is a CRUD API to create a resource (and scopes):

http://${host}:${port}/auth/realms/${realm_name}/authz/protection/resource_set

Create resource set description: POST /resource_set
Read resource set description: GET /resource_set/{_id}
Update resource set description: PUT /resource_set/{_id}
Delete resource set description: DELETE /resource_set/{_id}

But I don't see an API to CRUD Authorization Policies, Permissions.

I tried to create policies via the protection/resource_set endpoint but failed:

POST: "policies":[ {...} ] => Unrecognized field "policies"

Is there a way to CRUD Authorization Policies/Permissions via API?

(I'm not using a java client - I want to do this with postman)

Any help would be grateful

回答1:

Ok found something ...

When requesting API endpoints like this you get the access to policies/permissions:

http://${host}:${port}/auth/admin/realms/${realm_name}/clients/${client_id}/authz/resource-server/policy/user/${policy_id}

But I still can't find something in the official documentation about this ...

来源：https://stackoverflow.com/questions/48731301/keycloak-authorization-crud-authorization-policies-permissions-via-api

标签

api

permissions

crud

keycloak

policy

易学教程内所有资源均来自网络或用户发布的内容，如有违反法律规定的内容欢迎反馈！
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!