[prev in list] [next in list] [prev in thread] [next in thread]
List: keycloak-user
Subject: [keycloak-user] (no subject)
From: hmidi.slim2 () gmail ! com (hmidi slim)
Date: 2018-03-06 18:46:45
Message-ID: CAMsqVxvvqAW2BQvBvHnNPwAD31jJ3QF-cdto0AX9tnbnkyabVw () mail ! gmail ! com
[Download RAW message or body]
Hi,
I'm trying to protect some resources of my node.js app using RBAC mechanism.
I have creted a realm called MyApp and a user called user, then I create
some realm roles such as: res_r (read resource), res_u (update resource),
res_d (delete_resource), res_c(create resource).
Then I tried to give the user User the realm roles: res_r
After I configure keycloak using keycloak-connect, I added:
const router = require('express').Router();
router.get('resource', keycloak.protect('realm: res_r'), handler)
However I'm not able to read the resource. I decode the authorization with
jwt I got in the token:
"realm_access": {
"roles": [
"res_r",
"uma_authorization",
]
},
"resource_access": {
"account": {
"roles": [
"manage-account",
"manage-account-links",
"view-profile"
]
}
},
How can I fix the probelm?
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic