infra/keycloak
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

docs: Add note for group name handling

Browse source
This commit is contained in:
Philipp 2025-01-28 20:41:21 +01:00
parent 1e01d7cddb
commit 7a269bde96
Signed by: philipp
SSH key fingerprint: SHA256:ZWe7taUXeJb8xtjCZE7rZ3baSkVpBPjE4hdoKyJpfQE
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -23,6 +23,8 @@ To handle authorization centrally, groups can be created and assigned directly i
For each client that relies on those group, explicitly add the `groups` scope to client scopes. The groups will now be sent to client upon request.
**Note:** A group named `foo` will be displayed as `/foo`. For this reason, I recommend using group names like `appname/rolename` which will be sent to the client as `/appname/rolename`.
### Enforcing 2FA
In the realm management console under `Authentication > Required Actions` certain actions can be enabled and set to be the default action. Useful defaults might be to enforce `Configure OTP`, `Update Password`, `Update Profile` and `Verify Email`.