I have reviewed the Gravitee 4.0 AM Documentation and am having trouble connecting how to configure users, groups, roles, and permissions so that the OAuth token would include a user's roles for my custom application in their token.
My goal is to have the values structured something like the following:
**User**

| Username | Group |
|---|---|
| Admin01 | appNameAdmins |
| User01 | appNameUsers |
| User02 | appNameUsers |

**Group**

| Group Name | Permissions |
|---|---|
| appNameAdmins | module01[create, read, list, update, delete] |
| appNameUsers | module01[read, list] |
So when a user authenticates using the OAuth2 API, their access_token would look something like the following:
```json
{
  "sub": "12345ab1-ab12-1234-a12b-a1bc12345678",
  "aud": "12345ab1-ab12-1234-a12b-a1bc12345678",
  "domain": "12345ab1-ab12-1234-a12b-a1bc12345678",
  "scope": "openid roles full_profile",
  "iss": "http://localhost:8092/ecs2-local/oidc",
  "exp": 1693962272,
  "iat": 1693955072,
  "user": {
    "id": "12345ab1-ab12-1234-a12b-a1bc12345678",
    "createdAt": "Mon Aug 28 23:26:10 GMT 2023",
    "updatedAt": "Tue Sep 05 23:04:32 GMT 2023",
    "source": "default-idp-12345ab1-ab12-1234-a12b-a1bc12345678",
    "username": "Admin01",
    "displayName": "Sample Admin",
    "email": "[email protected]",
    "groups": [
      "appNameAdmins"
    ],
    "permissions": [
      "module01.create",
      "module01.list",
      "module01.read",
      "module01.update",
      "module01.delete"
    ]
  },
  "jti": "SAMPLE_JTI"
}
```
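Whatever the issuer-side configuration ends up being, the custom application is the party that has to consume the `user.groups` / `user.permissions` claims safely. The following is an added example (not code from the question, from Gravitee, or from its documentation) showing the resource-server side: it derives the expected claim set from the two tables above, mints a sample HS256 token with a constructed secret so the example runs offline, and only honours a permission after the signature, expiry and audience have been checked. The group table, the signing secret, the expected audience and the `sample_claims` helper are all assumptions for illustration; a real deployment would validate against the issuer's published keys rather than a shared secret.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed group -> permission table mirroring the question's "Group" table.
GROUP_PERMISSIONS = {
    "appNameAdmins": {"module01.create", "module01.read", "module01.list",
                      "module01.update", "module01.delete"},
    "appNameUsers": {"module01.read", "module01.list"},
}

# Hypothetical shared secret and audience (placeholders, not Gravitee values).
SECRET = b"example-hs256-secret-for-illustration-only"
EXPECTED_AUD = "12345ab1-ab12-1234-a12b-a1bc12345678"


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sample_claims(username: str, group: str) -> dict:
    """Build the claim set the question wants: user -> group -> permissions."""
    return {
        "sub": "12345ab1-ab12-1234-a12b-a1bc12345678",
        "aud": EXPECTED_AUD,
        "scope": "openid roles full_profile",
        "iss": "http://localhost:8092/ecs2-local/oidc",
        "exp": 1693962272,
        "iat": 1693955072,
        "user": {
            "username": username,
            "groups": [group],
            "permissions": sorted(GROUP_PERMISSIONS.get(group, set())),
        },
    }


def mint_token(claims: dict, secret: bytes = SECRET) -> str:
    """Produce a compact HS256 JWT; stands in for the issuer in this example."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = (_b64url_encode(json.dumps(header).encode()) + "."
                     + _b64url_encode(json.dumps(claims).encode()))
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url_encode(sig)


def verify_and_decode(token: str, secret: bytes = SECRET,
                      now: Optional[int] = None) -> dict:
    """Verify signature, expiry and audience before trusting any claim."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(_b64url_decode(header_b64))
    if header.get("alg") != "HS256":          # never accept whatever 'alg' the token says
        raise ValueError("unexpected alg")
    expected = hmac.new(secret, (header_b64 + "." + payload_b64).encode(),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(payload_b64))
    now = int(time.time()) if now is None else now
    if int(claims.get("exp", 0)) <= now:
        raise ValueError("token expired")
    if claims.get("aud") != EXPECTED_AUD:
        raise ValueError("wrong audience")
    return claims


def granted_permissions(claims: dict) -> set:
    """Permissions the token asserts via the custom 'user.permissions' claim."""
    return set(claims.get("user", {}).get("permissions", []))


def permissions_from_groups(claims: dict) -> set:
    """Permissions implied by 'user.groups' under GROUP_PERMISSIONS (consistency check)."""
    perms = set()
    for group in claims.get("user", {}).get("groups", []):
        perms |= GROUP_PERMISSIONS.get(group, set())
    return perms


def authorize(token: str, required: str, now: Optional[int] = None) -> bool:
    """True only if the token verifies and carries the required permission."""
    claims = verify_and_decode(token, now=now)
    return required in granted_permissions(claims)


if __name__ == "__main__":
    tok = mint_token(sample_claims("Admin01", "appNameAdmins"))
    print(authorize(tok, "module01.update", now=1693960000))   # True for Admin01
```

The point of keeping `permissions_from_groups` next to `granted_permissions` is that the application can detect a token whose flat permission list disagrees with its group membership, which is the kind of drift that appears when the issuer-side mapping and the application-side expectations are configured separately.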