libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

[KEYCLOAK-5726] - Documentation for scopes-enforcement-mode (#222)

Browse source
This commit is contained in:
Pedro Igor 2017-11-07 06:04:57 -03:00 committed by Stian Thorgersen
parent 11d3fc1a03
commit 8ea59f93a6
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
authorization_services/topics/enforcer-keycloak-enforcement-filter.adoc
View file

@ -124,6 +124,12 @@ The name of the HTTP method.
+
An array of strings with the scopes associated with the method. When you associate scopes with a specific method, the client trying to access a protected resource (or path) must provide an RPT that grants permission to all scopes specified in the list. For example, if you define a method _POST_ with a scope _create_, the RPT must contain a permission granting access to the _create_ scope when performing a POST to the path.
+
**** *scopes-enforcement-mode*
+
A string referencing the enforcement mode for the scopes associated with a method. Values can be *ALL* or *ANY*. If *ALL*,
all defined scopes must be granted in order to access the resource using that method. If *ANY*, at least one scope should be
granted in order to gain access to the resource using that method. By default, enforcement mode is set to *ALL*.
+
*** *enforcement-mode*
+
Specifies how policies are enforced.