Grant access to an organization or a project in Keycloak

Choose a set of permissions for each user and service account
Read time 1 minuteLast updated 5 days ago

To grant access to an organization and all projects within that organization, assign one or more user types and user roles to the user or to the service account that requires access. To do so, complete these steps:
  1. Perform one of these actions:
    • For a user, open the user properties and select the Role Mapping tab.
    • For a service account, open the client properties and select the Service Account Roles tab.
  2. Select Assign role.
  3. If the first filter is set to
    Filter by realm roles
    , then change it to
    Filter by clients
    .
  4. Select the required role from the list, and then select Assign. Alternatively, use the filter
    Search by role name
    . If the required role doesn't exist, create it first in the organization properties.
    • To grant read-only access, choose the User type.
    • To grant full access, choose the Owner user type. Owners have access to the client that represents the organization, users and service accounts.
Read more about these topics: