keycloak.md

Keycloak configuration

1. Create new client "token-exchange"

Create client

2. Grant service account role "manage-users" to "token-exchange" client

Grant role

3. Create new positive client policy "token-exchange"

Create policy step 1 Create policy step 2

4. Grant the token exchange permission on the "portal" client and assign policy "token-exchange"

Grant token exchange permission step 1 Grant token exchange permission step 2

5. Grant the impersonate permission on the user permission tab and assign policy "token-exchange"

Grant impersonate permission step 1 Grant impersonate permission step 2

6. Create new user attribute "LoT"

Create user attribute step 1 Create user attribute step 2

7. Create new client scope "token-exchange"

Create client scope step 1 Create client scope step 2

8. Add new token mapper "LoT" to client scope "token-exchange"

Add LoT mapper step 1 Add LoT mapper step 2

9. Assign client scope "token-exchange" to client "portal"

Assign client scope step 1 Assign client scope step 2
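
One way to check the result of steps 1 to 9 is to request an exchanged token and inspect its claims. The following is an added example, not part of the original file or the project's code. It assumes the "token-exchange" client impersonates a user with "portal" as the target audience, that the "LoT" mapper writes a claim also named "LoT", and that "portal" keeps the default profile scope; `base_url`, `realm`, the user name and the sample claims are placeholders.

```python
import base64
import json
import urllib.parse
import urllib.request

GRANT = "urn:ietf:params:oauth:grant-type:token-exchange"


def exchange_form(client_secret, username):
    """Form body for a Keycloak impersonation exchange by 'token-exchange'."""
    return {
        "grant_type": GRANT,
        "client_id": "token-exchange",   # client from step 1
        "client_secret": client_secret,
        "requested_subject": username,   # needs the impersonate permission (step 5)
        "audience": "portal",            # needs the token exchange permission (step 4)
    }


def request_token(base_url, realm, client_secret, username):
    """POST the exchange to the realm token endpoint and return the access token."""
    url = f"{base_url}/realms/{realm}/protocol/openid-connect/token"
    body = urllib.parse.urlencode(exchange_form(client_secret, username)).encode()
    with urllib.request.urlopen(urllib.request.Request(url, data=body)) as resp:
        return json.load(resp)["access_token"]


def jwt_claims(token):
    """Decode the JWT payload for inspection only; the signature is NOT verified."""
    payload = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))


def check_claims(claims, username):
    """Return a list of configuration problems; an empty list means none found."""
    aud = claims.get("aud", [])
    aud = [aud] if isinstance(aud, str) else aud
    problems = []
    if "portal" not in aud and claims.get("azp") != "portal":
        problems.append("token is not for 'portal' (check step 4)")
    if claims.get("preferred_username") != username:  # from the default profile scope
        problems.append("token is not for the requested user (check step 5)")
    if "LoT" not in claims:  # assumed claim name, same as the mapper name
        problems.append("no LoT claim (check steps 6 to 9)")
    return problems


# Constructed sample claims and unsigned token, not output from a real server.
SAMPLE = {"aud": "portal", "azp": "token-exchange", "preferred_username": "alice", "LoT": "2"}
SAMPLE_TOKEN = "e30." + base64.urlsafe_b64encode(json.dumps(SAMPLE).encode()).decode().rstrip("=") + ".sig"
```

Against a live realm, pass the result of `request_token(...)` through `jwt_claims` and `check_claims`; applications that consume the token must still verify its signature.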