How to allow access to resource A depending on Resource B's attributes?

32 views
Skip to first unread message

Mehran poursadeghi

unread,
May 7, 2022, 2:08:20 PMMay 7
to Keycloak User

Let's say we have two resource types: 
  • Shop (I have many shop resources), Its properties contain:
        owner_id: {user_id}
  • Product (each shop has many products), its properties contain:
      shop_id: {shop_id}


when my app sends an authorization request to check if the user has permission to edit a product, I want to allow it If the user is a shop owner.

As you see this policy needs to check the shop resource's properties, but my authorization request checks permission on the "Product" resource.

Can someone please tell me what is the best solution to solve it on Keycloak?
Reply all
Reply to author
Forward
0 new messages