Authorization Handler / Client Scopes enhancement for Dynamic Scopes / RAR

Skip to first unread message

Daniel Gozalo Barquilla

Oct 14, 2021, 7:27:18 AMOct 14
to Keycloak Dev

I've just published a new proposal that will attempt to unify the handling of Dynamic Scopes and Rich Authorization Requests (and any other mechanism that may come in the future) into a single entity.

This proposal also contains enhancements to the consent screen, making it possible to gather user input based on dynamic scopes and RAR configuration and also allowing to compose it to the users' needs. 

Lastly, we're also going to work on implementing some powerful built-in policies that will work with the RAR data format and allow users to query additional data from the resource server, compare fields etc.

This is the Github discussion for this proposal:

As always, we're looking forward to hearing from the community about this proposal.


Daniel Gozalo

Principal Software Engineer

Reply all
Reply to author
0 new messages