Document Keycloak Resource Server Setup for Backend Services #27

Open
opened 2025-06-03 23:03:46 +00:00 by abed.alrahman · 0 comments
Member

Goal: Create a guide for backend service teams on how to configure their services as Keycloak Resource Servers and define resources/scopes for UMA-based endpoint authorization.
Brief Description: Produce documentation that outlines the steps and best practices for backend teams to:

Register their service as a Keycloak Client and enable Authorization Services (making it a Resource Server).
Define their API endpoints as "Resources" in Keycloak.
Define HTTP methods (or business actions) as "Scopes" for these resources.
Create basic "Policies" (e.g., role-based, group-based) and "Permissions" that link these together.
Explain how these definitions will be used by auth-service for UMA-based permission evaluation. Include URN-like naming convention guidelines for resources and scopes.
Goal: Create a guide for backend service teams on how to configure their services as Keycloak Resource Servers and define resources/scopes for UMA-based endpoint authorization. Brief Description: Produce documentation that outlines the steps and best practices for backend teams to: Register their service as a Keycloak Client and enable Authorization Services (making it a Resource Server). Define their API endpoints as "Resources" in Keycloak. Define HTTP methods (or business actions) as "Scopes" for these resources. Create basic "Policies" (e.g., role-based, group-based) and "Permissions" that link these together. Explain how these definitions will be used by auth-service for UMA-based permission evaluation. Include URN-like naming convention guidelines for resources and scopes.
abed.alrahman added this to the V.01 milestone 2025-06-04 10:27:29 +00:00
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: clevermicro/user-management#27
No description provided.