[prev in list] [next in list] [prev in thread] [next in thread] 

List:       keycloak-user
Subject:    [keycloak-user] Keycloak Clients Access Restriction
From:       alexis86600 () gmail ! com (Alexis Reclus)
Date:       2018-09-27 6:02:25
Message-ID: CA6C9FA2-D240-446E-88DF-6A64BCAD8CE2 () gmail ! com
[Download RAW message or body]

Hey, 

I am authenticating users of different web applications using Keycloak (with an Open \
ID Connect Identity Provider).  The architecture is the following:
- 1 realm
- Different clients (client A, client B) in the realm, each client corresponding to a \
                web application. 
- Users (user 1, user 2, user 3)

I want to create different groups of users (group A = user1 & user3 and group B = \
user1 & user2) and each group can access specific clients but can?t access the other \
clients (group 1 can?t access to web application in client B). I tried to implement \
scopes, roles, groups but I am not sure this is the good way. 

How can I realize this in using Keycloak configurations?

Best regards,


[prev in list] [next in list] [prev in thread] [next in thread]