keycloak.authorization.permission
¶
Keycloak authorization Permission module.
Module Contents¶
Classes¶
Base permission class. |
- class keycloak.authorization.permission.Permission(name, type, logic, decision_strategy)[source]¶
Base permission class.
Consider this simple and very common permission:
A permission associates the object being protected with the policies that must be evaluated to determine whether access is granted.
X CAN DO Y ON RESOURCE Z
where
- X represents one or more users, roles, or groups, or a combination of them. You can
also use claims and context here.
Y represents an action to be performed, for example, write, view, and so on.
Z represents a protected resource, for example, “/accounts”.
https://keycloak.gitbooks.io/documentation/authorization_services/topics/permission/overview.html