14 lines
No EOL
624 B
Text
Executable file
14 lines
No EOL
624 B
Text
Executable file
== Defining uma_authorization and kc_entitlement scopes
|
|
|
|
In order to allow client applications to obtain authorization tokens from the server, you need to create two roles:
|
|
|
|
* *uma_authorization*
|
|
+
|
|
This role grants access to client application to ask the server for authorization tokens.
|
|
|
|
* *kc_entitlement*
|
|
+
|
|
This role grants access to client application to ask the server for entitlements.
|
|
|
|
Once they are created for a client application, you must associate these roles with your users. These steps are necessary to tell Keycloak
|
|
that the client application is allowed to obtain authorization data on behalf of your users. |