Merge pull request #1 from Checksum/roles-scope
Note on specifying scope parameter
This commit is contained in:
commit
e93dd218aa
2 changed files with 10 additions and 0 deletions
|
@ -2,3 +2,10 @@
|
||||||
|
|
||||||
Client roles are basically a namespace dedicated to a client. Each client gets its own namespace. Client roles are managed
|
Client roles are basically a namespace dedicated to a client. Each client gets its own namespace. Client roles are managed
|
||||||
under the `Roles` tab under each individual client. You interact with this UI the same way you do for realm level roles.
|
under the `Roles` tab under each individual client. You interact with this UI the same way you do for realm level roles.
|
||||||
|
|
||||||
|
If the client has to explicitly request for another client's role, the role has to prefixed with the client's id when requesting via the scope parameter. For example, if the client id is `account` and the role is `admin`, the scope parameter should be:
|
||||||
|
|
||||||
|
`scope=account/admin`
|
||||||
|
|
||||||
|
As noted in the realm roles section, multiple roles are separated by spaces.
|
||||||
|
|
||||||
|
|
|
@ -17,3 +17,6 @@ The localized value is then configured within property files in your theme. See
|
||||||
for more information on localization. If a client requires user _consent_, this description string will be displayed on the
|
for more information on localization. If a client requires user _consent_, this description string will be displayed on the
|
||||||
consent page for the user.
|
consent page for the user.
|
||||||
|
|
||||||
|
If the client has to explicitly request for a realm role, set `Scope Param Required` to true. The role then has to be specified via the `scope` parameter when requesting a token. Multiple realm roles are separated by space:
|
||||||
|
|
||||||
|
`scope=admin user`
|
||||||
|
|
Loading…
Reference in a new issue