KEYCLOAK-18503 Regex Policy for authorization service

This commit is contained in:
Yoshiyuki Tabata 2021-06-21 12:58:26 +09:00 committed by Pedro Igor
parent 52e1fde120
commit 1ce3305a4f
3 changed files with 33 additions and 0 deletions

Binary file not shown.

After

Width:  |  Height:  |  Size: 23 KiB

View file

@ -58,6 +58,8 @@ include::topics/policy-client-scope-policy.adoc[leveloffset=+2]
include::topics/policy-client-scope-policy-required-client-scope.adoc[leveloffset=+3] include::topics/policy-client-scope-policy-required-client-scope.adoc[leveloffset=+3]
include::topics/policy-regex-policy.adoc[leveloffset=+2]
include::topics/policy-logic.adoc[leveloffset=+2] include::topics/policy-logic.adoc[leveloffset=+2]
include::topics/policy-evaluation-api.adoc[leveloffset=+2] include::topics/policy-evaluation-api.adoc[leveloffset=+2]

View file

@ -0,0 +1,31 @@
[[_policy_regex]]
= Regex-Based Policy
You can use this type of policy to define regex conditions for your permissions.
To create a new regex-based policy, select *Regex* in the item list in the upper right corner of the policy listing.
.Add Regex-Based Policy
image:images/policy/create-regex.png[alt="Add Regex-Based Policy"]
== Configuration
* *Name*
+
A human-readable and unique string describing the policy. A best practice is to use names that are closely related to your business and security requirements, so you can identify them more easily.
+
* *Description*
+
A string containing details about this policy.
+
* *Target Claim*
+
Specifies the name of the target claim in the token.
+
* *Regex Pattern*
+
Specifies the regex pattern.
+
* *Logic*
+
The <<_policy_logic, Logic>> of this policy to apply after the other conditions have been evaluated.