Authorization mostly is considered a very challenging concept for developers who are new to it or even to a lot of experienced developers.
Well, most of the problem comes from the fact, that sometimes due to lack of communication the requirements are not clear enough.
So to resolve the issue above, you need to have a deeper understanding about authorization. This way you can put all the tools you need around you and be resilient against any unexpected requirement in the future. This is what you are going to become by practicing what I have described in this video.
Javascript Policies Repo: https://github.com/farhadnowzari/keycloak-script-policies
Keycloak Authentication video: https://www.youtube.com/watch?v=k7LQ_Q0VN0I
Timestamps:
00:00 Intro
01:25 Theory (RBAC, ABAC, ReBAC)
10:46 What was wrong with classic RBAC
13:38 Configure Keycloak to act as an authorization server
16:14 Implement RBAC with keycloak authorization clients
36:03 Query with permissions
41:34 ABAC - Who is the owner
44:15 ABAC - Javascript based policies
56:33 ReBAC - Who is the manager of the resource owner
01:05:15 Outro
Want to see more contents like this? 📖 🤓
Follow me on:
Medium: https://medium.com/@fdn-sharp
Twitter: https://twitter.com/farhad_nowzari
LinkedIn: https://www.linkedin.com/in/farhad-nowzari-94060699/
Github: https://github.com/farhadnowzari
Have fun coding ❤️