Hi, I'm using Keycloak and I would like to know what the best way to get the user's role is. I'm using a SPA written in ReactJS and it needs to know the user's role. Is there a Keycloak API to get this, or should I get it from the JWT token? Either way, which option should I go with? Thank you.
Keycloak provides the concept of a client scope for this. Clients can define roles that are specific to them. This is basically a role namespace dedicated to the client. A token that provides identity information about the user.
You can either create a global (realm level) role, and easily access it from both clients, or you can create two identical roles in each client. Depending on your project scale, pick what suits you best.
Thank you, I got it - once again Keycloak documentation is really weak in the area.
If you assigned a role to a user, then this role is a claim inside the JWT access token provided by Keycloak.
A user would have to be authenticated before seeing some application content.
After successful authentication, an access token would be given to the client (can be an application gateway or UI application) and then the role can be extracted from it and used.
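The token-based approach described in the answer above, as an added example that is not part of the original posts: it decodes the access token in the SPA and reads the `realm_access.roles` and `resource_access.<client>.roles` claims that Keycloak's default role mappers emit. The client id `my-react-app`, the role names and the sample token are constructed for illustration; decoding does not verify the signature, so the result is suitable only for shaping the UI, while the API or gateway verifies the token and enforces roles itself.

```javascript
// Added example: read Keycloak roles from an access token inside the SPA.
// Decoding does NOT verify the signature; use the result only to shape the UI.
// The backend must verify the token and enforce roles on every request.

function base64UrlToJson(segment) {
  const b64 = segment.replace(/-/g, "+").replace(/_/g, "/");
  const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
  const bytes = Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
}

// Returns { realmRoles, clientRoles, expired } for the given client id.
function rolesFromAccessToken(token, clientId, nowSeconds = Date.now() / 1000) {
  const parts = typeof token === "string" ? token.split(".") : [];
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const claims = base64UrlToJson(parts[1]);
  // Tolerate missing or malformed role claims instead of crashing the UI.
  const asList = (v) => (Array.isArray(v) ? v.filter((r) => typeof r === "string") : []);
  const client = claims.resource_access && claims.resource_access[clientId];
  return {
    realmRoles: asList(claims.realm_access && claims.realm_access.roles),
    clientRoles: asList(client && client.roles),
    expired: typeof claims.exp !== "number" || claims.exp <= nowSeconds,
  };
}

// True only for an unexpired token that carries the role (realm or client level).
function hasRole(token, clientId, role) {
  const r = rolesFromAccessToken(token, clientId);
  return !r.expired && (r.realmRoles.includes(role) || r.clientRoles.includes(role));
}

// Constructed sample token with a placeholder signature, for illustration only.
function makeSampleToken(claims) {
  const enc = (o) =>
    btoa(JSON.stringify(o)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return [enc({ alg: "RS256", typ: "JWT" }), enc(claims), "c2lnbmF0dXJl"].join(".");
}

const sampleToken = makeSampleToken({
  exp: 4102444800, // constructed expiry: 2100-01-01
  realm_access: { roles: ["offline_access", "app-admin"] },
  resource_access: { "my-react-app": { roles: ["editor"] } },
});

console.log(rolesFromAccessToken(sampleToken, "my-react-app"));
```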
Yes, there is a REST API to get user roles:
GET /auth/admin/realms/{realm}/users/{user-uuid}/role-mappings/clients/{client-uuid}
You can find all the REST APIs of Keycloak here:
https://www.keycloak.org/docs-api/5.0/rest-api/index.html