How to approach AuthZ for user generated resources?

Hi everyone,

Quick example of what I’m looking to do; my actual needs will be more complex, with more layers of authorization:

Let’s say I have an app for the purpose of creating, conducting and summarizing meetings.

A member of my app schedules a meeting and then adds other members to this meeting.

Only the added members should be able to join the meeting.


The naive approach would be to use the admin API to create a resource for that meeting and additional roles to give permissions to specific participants for exactly this meeting.

If I have 1000 meetings then I need to create 1000 resources and maybe 3x1000 roles/permissions.


So my question is, are there any Keycloak features that facilitate these kinds of authorization needs?

Or am I better off introducing a specialized authorization layer in my app? Something based on Google Zanzibar maybe?

(I’m not looking for a solution for the exact scenario described above; this is meant more as a minimal reproduction of the problem.)

Any hints would be appreciated
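
The meeting scenario from the post, modelled as Zanzibar-style relation tuples. This is an added example, not part of the original post and not a Keycloak feature. All object, relation and user names are constructed, and the in-memory store stands in for a real tuple database. Each added participant is one tuple, while the policy stays at two rewrite rules however many meetings exist.

```python
from collections import defaultdict

# Computed relations (constructed names): any listed relation grants the key.
REWRITES = {"can_join": ("participant", "organizer"), "can_edit": ("organizer",)}

class TupleStore:
    """Stores (object, relation, subject) tuples; anything not stored is denied."""

    def __init__(self):
        # A subject is a user ("user:bob") or a userset ("team:sec#member").
        self._tuples = defaultdict(set)

    def write(self, obj, relation, subject):
        self._tuples[(obj, relation)].add(subject)

    def delete(self, obj, relation, subject):
        self._tuples[(obj, relation)].discard(subject)

    def check(self, obj, relation, user, _seen=None):
        seen = set() if _seen is None else _seen
        if (obj, relation) in seen:  # cycle guard for nested usersets
            return False
        seen.add((obj, relation))
        if relation in REWRITES:  # computed relation: try each granting relation
            return any(self.check(obj, r, user, seen) for r in REWRITES[relation])
        for subject in self._tuples.get((obj, relation), ()):
            if subject == user:
                return True
            if "#" in subject:  # expand the userset, e.g. team:sec#member
                group, group_rel = subject.split("#", 1)
                if self.check(group, group_rel, user, seen):
                    return True
        return False

def build_demo():
    """Constructed sample data: one meeting, three ways of being allowed in."""
    store = TupleStore()
    store.write("meeting:1", "organizer", "user:alice")
    store.write("meeting:1", "participant", "user:bob")
    store.write("meeting:1", "participant", "team:sec#member")
    store.write("team:sec", "member", "user:carol")
    return store

if __name__ == "__main__":
    demo = build_demo()
    for who in ("user:alice", "user:bob", "user:carol", "user:dave"):
        print(who, demo.check("meeting:1", "can_join", who))
```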
