Skip to main content

Permission Management

note

In this demonstration, we only focus on how to complete the connections between role and permission. Keycloak can do so much more, please refer to Keycloak for more details.

Adding Role

  1. Select System > Authentication, and then enter admin/admin to log in to Keycloak.
  2. Select supos as the realm.
  1. Select Clients, and then click supos.

The realm and client are preset, you can also add new ones as needed. ::: 4. Under Roles, click Create role to add a new role.

  1. Click Save.

Assigning Permission to Role

To assign permissions to different roles, you need to first define the resources to be accessed, set policies of how to and who can access, and finally configure permissions.

Adding Resource

  1. On the client details page, select Authorization.
  2. Select Resources, and then click Create resource.
  1. Enter the required fields, and then add URIs which are the resource path.
  2. Click Save.

Setting Policy

  1. On the client details page, select Authorization.
  2. Select Policies, and then click Create client policy.
  3. Set the policy type to Role.
  1. Enter the required fields, and then select the role you want to grant access to.
info

For example, select role A, that means, only users assigned with role A can access the resources associated with corresponding permission.

  1. Click Save.

Configuring Permission

  1. On the client details page, select Authorization.
  2. Select Permissions > Create permission > Create resource-based permission.
  3. Enter the required fields, and then select the resource and policies.
  1. Click Save.