-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Work with Multiple Client #92
Comments
Hello @elmidwill, thanks for your question. In your concrete scenario you may add a client per app. For each client you define a role
If a user should have access to let's say app1 and app3, you simply assign roles Does that help? Best regards |
@sventorben Sounds like exactly what I was looking for. I am in the middle of a POC so I am going to give that a try. I'll let you and anyone else that might be interested in this solution know how it turns out. |
So I got around to trying this today. It doesn't appear to work with SAML authentication on version 18.0.2, or more likely I am not doing something correctly. After adding the provider, restarting KC, I created a copy of the browser flow, edited it as per instructions. I then created the role in a client, and changed the "Authentication Flow Overrides" to the copy that was created, and when I try to login from an app using SAML, it redirects to KC and immediately presents me with "Invalid username or password" without prompting for either. |
See #94 |
Is there an existing feature request for this?
Is your feature related to a problem? Please describe.
This is more of a question then a feature request, but if the answer is no then it can be a feature request. Does this feature work with multiple clients, and by that I mean will it work to isolate more than one client?
Here is an example. Lets say I have 4 apps that I want to configure on one Realm. Can I create 4 different authenticators. Use those 4 different authenticators one per app, and users would be able to access 1, 2, 3 or 4 applications depending on their roles?
The problem trying to wrap my head around is if all clients have this restricted-access role needed for one or the other application, is it possible to have a user restricted to any more than 1 app at a time?
Describe the solution you'd like
No response
Describe alternatives you've considered
No response
Anything else?
No response
The text was updated successfully, but these errors were encountered: