Roles & Permission
These are based on the User Personas, and configured in Keycloak.
| We should ideally be using Keycloak as intended, with roles and scopes etc. However, due to time limitations getting in the way of working out how to get clients to retrieve correct roles from the Keycloak api when this was first implemented, the access model we are actually using is a bit of a kludge using groups and attributes. |
-
In Keycloak, create a group with the name
<Persona>. -
Add the following group attributes:
| Attribute | Value |
|---|---|
|
A random string |
-
Add users to the group