terraform-provider-keycloak icon indicating copy to clipboard operation
terraform-provider-keycloak copied to clipboard

Published 20 hours ago verified publisher icon mrparkers

Default (Client) Roles

Open jcharlytown opened this issue 4 years ago • 11 comments

Hi,

first of all thanks everyone for making this provider happen. This makes managing keycloak realms so much easier!

However, I was wondering if there is a functionality to set default roles on a realm, specifically client roles? Using the security console this is possible via "Roles" -> "Default Roles". In case of client roles, on the API level this seems to be a field within the client representation, similar to default client scopes.

Is there such a functionality already included in this project and i'm just missing it? If not, are there any plans to implement such a feature?

Thanks!

jcharlytown avatar Jun 16 '20 11:06 jcharlytown

hello, someone working on that feature? if not, then i can work on that.

/cc @mrparkers

paulvollmer avatar Aug 03 '20 14:08 paulvollmer

@paulvollmer feel free to pick it up if you want to work on it, I appreciate the help!

mrparkers avatar Aug 03 '20 14:08 mrparkers

+1 for default realm roles

duc12597 avatar Aug 18 '20 08:08 duc12597

@mrparkers i started working on that.

paulvollmer avatar Aug 18 '20 10:08 paulvollmer

Hello @paulvollmer, were you able to make any progress on this? I'm interested in this feature as well.

ringods avatar Jul 15 '21 15:07 ringods

Hey guys, I started working on this (realm default roles without client roles atm). You can use composite roles on existing default roles as workaround.

arkadiusjonczek avatar Aug 10 '21 16:08 arkadiusjonczek

Hello @arkadiusjonczek, were you able to make some progress on this? Even if you have something incomplete, could you already submit this as a draft PR?

ringods avatar Sep 03 '21 13:09 ringods

Hi all. I started working on this(realm default roles). PR will be created soon.

Vlad-Kirichenko avatar Sep 21 '21 05:09 Vlad-Kirichenko

Hi guys. As a temporary workaround one can use keycloak_default_groups. You can just create a group that has all the role mappings you want as default and then make the group default for every (new) user

ghost avatar Oct 07 '21 13:10 ghost

This issue could be closed with #599 @mrparkers

arkadiusjonczek avatar Oct 18 '21 14:10 arkadiusjonczek

Hey @arkadiusjonczek, #599 added a new resource for default realm roles, but we still don't have a first class solution for default client roles. Until then, I'll leave this open, and users can use the helpful solution proposed by @ScrumplexDTAG.

Thanks!

mrparkers avatar Oct 18 '21 14:10 mrparkers