keycloak-scim/docs/documentation/authorization_services/topics/policy-regex-policy.adoc

[[_policy_regex]]
= Regex-Based Policy

You can use this type of policy to define regex conditions for your permissions.

To create a new regex-based policy, select *Regex* from the policy type list.

This policy resolves attributes available from the current identity.

.Add Regex Policy
image:images/policy/create-regex.png[alt="Add Regex Policy"]

== Configuration

* *Name*
+
A human-readable and unique string describing the policy. A best practice is to use names that are closely related to your business and security requirements, so you can identify them more easily.
+
* *Description*
+
A string containing details about this policy.
+
* *Target Claim*
+
Specifies the name of the target claim in the token. For JSON-based claims, you can use dot notation for nesting and square brackets to access array fields by index. For example, contact.address[0].country. If the target claim references a JSON
object, the first path (for example, `contact`) should map to the attribute name holding the JSON object.
+
* *Regex Pattern*
+
Specifies the regex pattern.
+
* *Logic*
+
The <<_policy_logic, Logic>> of this policy to apply after the other conditions have been evaluated.
KEYCLOAK-18503 Regex Policy for authorization service 2021-06-21 03:58:26 +00:00			`[[_policy_regex]]`
			`= Regex-Based Policy`

			`You can use this type of policy to define regex conditions for your permissions.`

Updating authorization_services for new admin console (#1572) Closes #1570 2022-07-25 20:36:51 +00:00			`To create a new regex-based policy, select Regex from the policy type list.`
KEYCLOAK-18503 Regex Policy for authorization service 2021-06-21 03:58:26 +00:00
Support JSON objects when evaluating claims in regex policy (#1566) * Support JSON objects when evaluating claims in regex policy Closes #11514 * Update authorization_services/topics/policy-regex-policy.adoc Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> 2022-10-25 04:47:54 +00:00			`This policy resolves attributes available from the current identity.`

KEYCLOAK-16923-FIX Revising Authorization Services Guide for Red Hat Standards (#1358) 2022-04-18 14:10:57 +00:00			`.Add Regex Policy`
Preparing Securing Apps and Authorization Services Guide for RHBK (#1684) Closes #1682 2022-10-13 20:14:20 +00:00			`image:images/policy/create-regex.png[alt="Add Regex Policy"]`
KEYCLOAK-18503 Regex Policy for authorization service 2021-06-21 03:58:26 +00:00
			`== Configuration`

			`* Name`
			`+`
			`A human-readable and unique string describing the policy. A best practice is to use names that are closely related to your business and security requirements, so you can identify them more easily.`
			`+`
			`* Description`
			`+`
			`A string containing details about this policy.`
			`+`
			`* Target Claim`
			`+`
Support JSON objects when evaluating claims in regex policy (#1566) * Support JSON objects when evaluating claims in regex policy Closes #11514 * Update authorization_services/topics/policy-regex-policy.adoc Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> 2022-10-25 04:47:54 +00:00			`Specifies the name of the target claim in the token. For JSON-based claims, you can use dot notation for nesting and square brackets to access array fields by index. For example, contact.address[0].country. If the target claim references a JSON`
			object, the first path (for example, `contact`) should map to the attribute name holding the JSON object.
KEYCLOAK-18503 Regex Policy for authorization service 2021-06-21 03:58:26 +00:00			`+`
			`* Regex Pattern`
			`+`
			`Specifies the regex pattern.`
			`+`
			`* Logic`
			`+`
			`The <<_policy_logic, Logic>> of this policy to apply after the other conditions have been evaluated.`