Limit access with Keycloak based on role/group? #504
Comments
|
You may request groups claim and put it into headers. Then read them in HTTP request in your app and do whatever you like, based on group membership. |
|
The app does not provide any option like that. I thought hopefully Vouch supports limitung access based on groups like it's oauth2-proxy doing. |
|
Well, it is not what vouch were designed for, i guess. |
|
@tboerger Hello there! The suggested method for doing such is currently to use the I'd like to add additional functionality for groups facilities (or really RBAC on any claim) to VP but there are a few other items ahead of this one and I'm currently buried in other projects. I'm going to close this in favor of #175 but feel free to ask any additional questions. @ShyLionTjmn Thanks for chiming in and being helpful. Can I ask you to please let people know that you are relatively new to VP when you answer support questions like this. I think that context is important. |
|
Thanks for the feedback. Sadly open resty wouldn't work for me as I want to avoid switching my ingress controller. But since you are open for such a feature I will dig through the code and see if I can contribute something similar to the suggestions mentioned eighth the linked issue. |
Describe the problem
Is it possible to limit the access based on Vouch and Keycloak as an IdP on roles or groups similar to orgs and teams with the GitHub provider?
Expected behavior
Limiting access based on Keycloak roles or groups
The text was updated successfully, but these errors were encountered: