libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

[KEYCLOAK-11272] - Adding information about enabling fine-grained admin permissions when using token exchange

Browse source
This commit is contained in:
Pedro Igor 2019-12-19 19:17:26 -03:00 committed by Stian Thorgersen
parent b2174664b5
commit 047ab96c83
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
securing_apps/topics/token-exchange/token-exchange.adoc
View file

@ -7,6 +7,11 @@
:tech_feature_setting: -Dkeycloak.profile.feature.token_exchange=enabled
include::../templates/techpreview.adoc[]
[NOTE]
====
In order to use token exchange you should also enable the `admin_fine_grained_authz` feature. Please, take a look at link:{installguide_profile_link}[{installguide_profile_name}].
====
In {project_name}, token exchange is the process of using a set of credentials or token to obtain an entirely different token.
A client may want to invoke on a less trusted application so it may want to downgrade the current token it has.
A client may want to exchange a {project_name} token for a token stored for a linked social provider account.