How to Create Roles with Specific Permissions in Keycloak?

aliatic · February 25, 2025, 4:49pm

Hi everyone,

I’m trying to configure roles in Keycloak where each role has specific permissions assigned to it. For example:

Role1 → Permission1, Permission2
Role2 → Permission2, Permission3

I want to know the best approach to achieve this in Keycloak. Should I use composite roles, client scopes, or is there another recommended way to manage role-permission mappings?

Any guidance or best practices would be greatly appreciated!

Thanks in advance.

Carl · March 6, 2025, 5:54pm

If you enable “Authorization” for a client, there is a capability to create permissions and policies for your resource beyond the Role Based Access Control.

Topic		Replies	Views
Is there a way to directly assign permissions to roles with Keycloak Admin API? Getting advice	3	110	November 9, 2024
How to map permissions to role? Configuring the server admin-console	0	452	December 29, 2022
Fine-grained client management Getting advice admin-console	0	876	February 4, 2022
RBAC is impossible to set up	3	2491	December 15, 2020
Keycloak operator: create client with authorization resource and policy Getting advice authentication , oidc	1	966	March 24, 2021

How to Create Roles with Specific Permissions in Keycloak?

Related topics