jakob/keycloak-restrict-client-auth
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

docs: Describe properties for role name config in Keycloak.X

Browse source
This commit is contained in:
Sven-Torben Janus 2021-10-29 19:44:52 +02:00 committed by Sven-Torben Janus
parent 325d25f548
commit 7dc081d9de
1 changed files with 13 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
README.md
View file

@ -115,13 +115,15 @@ It may happen that I remove older packages without prior notice, because the sto
You do not like the role name `restricted-access` or you do have some kind of naming conventions in place? You can change the role name globally by configuring the provider.
##### via CLI:
##### Wildfly-based distro
###### via CLI:
```
/subsystem=keycloak-server/spi=restrict-client-auth-access-provider:add(default-provider=client-role)
/subsystem=keycloak-server/spi=restrict-client-auth-access-provider/provider=client-role:add(properties={clientRoleName=my-custom-role-name,enabled=true})
```
##### via standalone.xml:
###### via standalone.xml:
```XML
<spi name="restrict-client-auth-access-provider">
<default-provider>client-role</default-provider>
@ -135,6 +137,14 @@ You do not like the role name `restricted-access` or you do have some kind of na
For details, please refer to [Manage Subsystem Configuration](https://www.keycloak.org/docs/latest/server_installation/index.html#manage-subsystem-configuration) section in the server installation guide.
##### Keycloak.X distro:
```properties
spi.restrict-client-auth-access-provider.client-role.enabled=true
spi.restrict-client-auth-access-provider.client-role.client-role-name=custom-role
```
For details on SPI and provider configuration in Keycloak.X, please refer to [SPIs and Provider Configuration](https://github.com/keycloak/keycloak-community/blob/master/design/keycloak.x/configuration.md#spis-and-provider-configuration) section in the community guide.
### Policy-based mode
> ⚠️ **OIDC only**:
@ -163,7 +173,7 @@ In the flow choose the `Actions` button and then choose `Config`. You will see t
You can directly define a particular message or use a property, which will be used for mapping the error message. If you choose a property, the property will be looked up from your custom theme's `messages*.properties` files and therefore supports internationalization.
```
```properties
# messages.properties
restricted-access.denied=Access denied. User is missing required role 'restricted-access'
# messages_de.properties