Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-13598

Add support for Client Roles in KeycloakRealm Custom Resource

    Details

    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      Motivation

      Keycloak Operator doesn't provide a way to configure client roles at Realm level. Since Keycloak REST API does it, we should also provide this in the Operator for symmetry.

      Design

      KeycloakAPIRealm should reflect RealmRepresentation. The goal is to add clientRoles sub-resource to the KeycloakAPIRealm. No other changes should be necessary.

      Risks/Limitations

      Roles are represented differently when looking at RealmRepresentation (where it is a sub-resource) and UserRepresentation (where it is an array of Strings). There are also Client Roles, which are represented as map[string][]string. The implementation might require revisiting all 3 approaches and checking, which one fits best. However, this engineering task shouldn't take long.

      Rough Estimate

      1-2 days for 1 person.

      Open Questions

      None.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  Unassigned
                  Reporter:
                  sebastian.laskawiec Sebastian Laskawiec
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: