867eff3e5d
* [KEYCLOAK-3169] - Updating authz services doc * [KEYCLOAK-3169] - Section about changes to user account service * [KEYCLOAK-3169] - Removing UMA 1.0 references * [KEYCLOAK-3169] - RH-SSO images * [KEYCLOAK-3169] - Updating Keycloak images * [KEYCLOAK-3169] - Review * [KEYCLOAK-3169] - Review
23 lines
1.2 KiB
Text
23 lines
1.2 KiB
Text
[[_policy_evaluation_overview]]
|
|
= Evaluating and Testing Policies
|
|
|
|
When designing your policies, you can simulate authorization requests to test how your policies are being evaluated.
|
|
|
|
You can access the Policy Evaluation Tool by clicking the `Evaluate` tab when editing a resource server. There you can specify different inputs to simulate real authorization requests and test the effect of your policies.
|
|
|
|
image:{project_images}/policy-evaluation-tool/policy-evaluation-tool.png[alt="Policy Evaluation Tool"]
|
|
|
|
== Providing Identity Information
|
|
|
|
The *Identity Information* filters can be used to specify the user requesting permissions.
|
|
|
|
== Providing Contextual Information
|
|
|
|
The *Contextual Information* filters can be used to define additional attributes to the evaluation context, so that policies can obtain these same attributes.
|
|
|
|
== Providing the Permissions
|
|
|
|
The *Permissions* filters can be used to build an authorization request. You can request permissions for a set of one or more resources and scopes. If you want
|
|
to simulate authorization requests based on all protected resources and scopes, click *Add* without specifying any `Resources` or `Scopes`.
|
|
|
|
When you've specified your desired values, click *Evaluate*.
|