You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Mar 16, 2024. It is now read-only.
Settings: Service Accounts Enabled
Scope: Full Scope Allowed
Service Account Roles: Select all Client Roles available for the account and realm_management
Why do I need to give admin permissions and realm management to my client API?
If I want only to authenticate users (not create or delete), why cannot I just work with the client_secret?
It just looks like I am giving too much power to my API to just authenticate a user o validate a token.
The text was updated successfully, but these errors were encountered:
I guess that is only needed if you also want to manage Keycloak resources like users, roles, etc. If you just want to request tokens you don't need those permissions, but this library has lots of other management capabilities.
However, I will further check / verify this and update the documentation to make this clearer, thanks for the question 👍 I would suggest to leave the issue open and link it to the PR until this is done
+1, my workaround is class MyFastAPIKeycloak(FastAPIKeycloak): def _get_admin_token(self) -> None: if not self.admin_client_secret == "": super()._get_admin_token()
It will crash if I use admin actions, but I won't :)
First, thanks for this great project.
I have a question:
In docs you metion:
Modify the admin-cli client
Settings: Service Accounts Enabled
Scope: Full Scope Allowed
Service Account Roles: Select all Client Roles available for the account and realm_management
Why do I need to give admin permissions and realm management to my client API?
If I want only to authenticate users (not create or delete), why cannot I just work with the
client_secret
?It just looks like I am giving too much power to my API to just authenticate a user o validate a token.
The text was updated successfully, but these errors were encountered: