keycloak.authorization.policy

Keycloak authorization Policy module.

Module Contents

Classes

Policy

Base policy class.

class keycloak.authorization.policy.Policy(name, type, logic, decision_strategy)

Base policy class.

A policy defines the conditions that must be satisfied to grant access to an object. Unlike permissions, you do not specify the object being protected but rather the conditions that must be satisfied for access to a given object (for example, resource, scope, or both). Policies are strongly related to the different access control mechanisms (ACMs) that you can use to protect your resources. With policies, you can implement strategies for attribute-based access control (ABAC), role-based access control (RBAC), context-based access control, or any combination of these.

https://keycloak.gitbooks.io/documentation/authorization_services/topics/policy/overview.html

Parameters

• name (str) – Name

• type (str) – Type

• logic (str) – Logic

• decision_strategy (str) – Decision strategy

property name

Get name.

Returns

Name

Return type

str

property type

Get type.

Returns

Type

Return type

str

property logic

Get logic.

Returns

Logic

Return type

str

property decision_strategy

Get decision strategy.

Returns

Decision strategy

Return type

str

property roles

Get roles.

Returns

Roles

Return type

list

property permissions

Get permissions.

Returns

Permissions

Return type

list

__repr__()

Repr method.

Returns

Class representation

Return type

str

__str__()

Str method.

Returns

Class string representation

Return type

str

add_role(role)

Add keycloak role in policy.

Parameters

role (keycloak.authorization.Role) – Keycloak role

Raises

KeycloakAuthorizationConfigError – In case of misconfigured policy type

add_permission(permission)

Add keycloak permission in policy.

Parameters

permission (keycloak.authorization.Permission) – Keycloak permission