Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-9483

Only grant permission to resource if the permission is resource-based

    Details

    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      Currently, if you try to evaluate permissions for a Resource Foo where there is only a scope permission granting access to a single Scope Bar associated with the resource, authorization requests to any other scope is granted even though only Bar is associated with the permission.

      To make the results more intuitive, access to resources should only be granted if the permission is a resource-based permission. In this case, access to any other scope not explicitly granted by a permission will be denied.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                pcraveiro Pedro Igor Silva
                Reporter:
                pcraveiro Pedro Igor Silva
              • Votes:
                3 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated: