Spring Keycloak adapter Permissions Policy Enforcer. How to set it up

I've managed to get it working by adding uma_protection role to the Service Account Roles tab in Keycloak client configuration

Here's the place where it is in Keycloak

More information about it here: http://www.keycloak.org/docs/2.0/authorization_services_guide/topics/service/protection/whatis-obtain-pat.html

Second part of the solution:

It's mandatory to have the security constrains in place even if they don't mean much to you. Example:

keycloak.securityConstraints[0].authRoles[0] = ROLE1
keycloak.securityConstraints[0].securityCollections[0].name = protected
keycloak.securityConstraints[0].securityCollections[0].patterns[0] = /*

Useful demos: https://github.com/keycloak/keycloak-quickstarts

Spring Keycloak adapter Permissions Policy Enforcer. How to set it up

Tags:

Authorization

Spring Security

Privileges

Spring Boot

Keycloak

Related

Recent Posts