KEYCLOAK-18503 Regex Policy for authorization service

2021-06-21 12:58:26 +09:00 · 2021-06-21 12:58:26 +09:00 · 1ce3305a4f
commit 1ce3305a4f
parent 52e1fde120
3 changed files with 33 additions and 0 deletions
--- a/authorization_services/images/policy/create-regex.png
+++ b/authorization_services/images/policy/create-regex.png
--- a/authorization_services/topics.adoc
+++ b/authorization_services/topics.adoc
@ -58,6 +58,8 @@ include::topics/policy-client-scope-policy.adoc[leveloffset=+2]

 include::topics/policy-client-scope-policy-required-client-scope.adoc[leveloffset=+3]

+include::topics/policy-regex-policy.adoc[leveloffset=+2]
+
 include::topics/policy-logic.adoc[leveloffset=+2]

 include::topics/policy-evaluation-api.adoc[leveloffset=+2]
--- a/authorization_services/topics/policy-regex-policy.adoc
+++ b/authorization_services/topics/policy-regex-policy.adoc
@ -0,0 +1,31 @@
+[[_policy_regex]]
+= Regex-Based Policy
+
+You can use this type of policy to define regex conditions for your permissions.
+
+To create a new regex-based policy, select *Regex* in the item list in the upper right corner of the policy listing.
+
+.Add Regex-Based Policy
+image:images/policy/create-regex.png[alt="Add Regex-Based Policy"]
+
+== Configuration
+
+* *Name*
+
+A human-readable and unique string describing the policy. A best practice is to use names that are closely related to your business and security requirements, so you can identify them more easily.
+
+* *Description*
+
+A string containing details about this policy.
+
+* *Target Claim*
+
+Specifies the name of the target claim in the token.
+
+* *Regex Pattern*
+
+Specifies the regex pattern.
+
+* *Logic*
+
+The <<_policy_logic, Logic>> of this policy to apply after the other conditions have been evaluated.