keycloak policy-enforcer not enabled by default in wildfly 26.1.2

[Satish Shelake]

Hello,

   I have tried to enable policy enforcer json based configuration in web rest application. It doesn't enabled keycloak policy enforcer and authorization flow is not get call by resource application on wildfly 26.1.2. Authentication is working fine.

Wildlfy OIDC clinet subsystem is authorized keycloak roles in wildlfy server. But I want to enable keycloak server authorization flow enable using policy enforcer json. It was working fine when I tried to use keycloak connector.

I didn't get proper channel to go through this use case on internet or group.

Could anybody knows about references or any bug in OIDC client in wildfly 26.1.2?

[Farah Juma]

Keycloak now provides a separate Policy Enforcer library (org.keycloak:keycloak-policy-enforcer). There's an example here that shows how to use this with Elytron OIDC Client to enable fine-grained authorization for an application:

https://github.com/keycloak/keycloak-quickstarts/tree/latest/jakarta/servlet-authz-client