Adding a Global Role

[jake cabrera]

Similar to the admin and create-realm roles in the Master realm, is it possible to create another global role? For example, a global read-only role.

Thanks,

Jake

[Vlasta Ramik]

Hello,

I'm not sure what you meant by "global" role, but I guess you're reffering to roles from maste realm. t's possible to create role within the master realm using e.g. admin console or REST API. If you want to automatically assign the role to new users you can assign the role among default roles.

--
You received this message because you are subscribed to the Google Groups "Keycloak User" group.
To unsubscribe from this group and stop receiving emails from it, send an email to keycloak-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/keycloak-user/c798585f-aeb6-408b-a4ff-11925dfe71b8n%40googlegroups.com.

[jake cabrera]

Hello Vlasta,

Thank you for your response! By global roles I am referring to this topic in the keycloak documentation: https://www.keycloak.org/docs/latest/server_admin/#global-roles

If I create the composite role in the Master realm with read-only on all other realms, this works. However, if I add a new realm, I have to manually go into that role and add read-only permissions for the new realm. However, it seems like the Master realm's 'admin' and 'create-realm' roles are automatically updated on realm creation. I was wondering if there is an easy way to automatically add read-only permissions to a role whenever a realm is created.

Thank you,

Jake

[Vlasta Ramik]

Hello,

I'm afraid you cannot create a role which would be automatically updated.

V.

To view this discussion on the web visit https://groups.google.com/d/msgid/keycloak-user/fafc3b36-3887-4eec-a320-863132a20674n%40googlegroups.com.