keycloak-scim/topics/policy-evaluation-tool/overview.adoc

25 lines
1.3 KiB
Text
Raw Normal View History

2016-11-29 15:30:53 +00:00
[[_policy_evaluation_overview]]
== Policy Evaluation Tool
When designing your policies, you can simulate authorization requests to test how your policies are being evaluated.
You can access the Policy Evaluation Tool by clicking the `Evaluate` tab when editing a resource server. There you can specify different inputs to simulate real authorization requests and test the effect of your policies.
2016-06-05 22:17:31 +00:00
image:../../images/policy-evaluation-tool.png[alt="Policy Evaluation Tool"]
=== Providing Identity Information
The *Identity Information* filters can be used to specify the user requesting permissions.
2016-06-05 22:17:31 +00:00
You can also click *Entitlement* to obtain all permissions for the user your selected.
2016-06-05 22:17:31 +00:00
=== Providing Contextual Information
The *Contextual Information* filters can be used to define additional attributes to the evaluation context, so that policies can obtain these same attributes.
2016-06-05 22:17:31 +00:00
=== Providing the Permissions
The *Permissions* filters can be used to build an authorization request. You can request permissions for a set of one or more resources and scopes. If you want
to simulate authorization requests based on all protected resources and scopes, click *Add* without specifying any `Resources` or `Scopes`.
When you've specified your desired values, click *Evaluate*.