RepoMirrors/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak synced 2025-05-14 05:59:37 +00:00
Code Issues Actions 17 Packages Projects Releases Wiki Activity
main
keycloak/docs/documentation/server_admin/topics/clients/proc-evaluating-client-scopes.adoc
Marek Posolda 6654e56a7c
Polish documentation for audience and client scopes (#38484) 
closes #19127

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
2025-04-03 08:43:06 +02:00

25 lines
1.6 KiB
Plaintext
Raw Permalink Blame History

[id="proc_evaluating_client_scopes_{context}"]
[role="_abstract"]
The *Mappers* tab contains the protocol mappers and the *Scope* tab contains the role scope mappings declared for this client. They do not contain the mappers and scope mappings inherited from client scopes. It is possible to see the effective protocol mappers (that is the protocol mappers defined on the client itself as well as inherited from the linked client scopes) and the effective role scope mappings used when generating a token for a client.
.Procedure
. Click the *Client Scopes* tab for the client.
. Open the sub-tab *Evaluate*.
. Select the optional client scopes that you want to apply.
This will also show you the value of the *scope* parameter. This parameter needs to be sent from the application to the {project_name} OpenID Connect authorization endpoint.
[NOTE]
====
If your application uses the {securing_apps_base_link}/javascript-adapter[{project_name} JavaScript adapter], see its section to learn how to send the *scope* parameter with the desired value.
====
You can also simulate how the access token, ID token, or UserInfo response issued to this client looks for a particular selected user and for a specific value of the `audience` parameter. Note
that the `audience` parameter is currently only supported for the token exchange grant. It is recommended to leave it empty when simulating any other grant.
.Evaluating client scopes
image:images/client-scopes-evaluate.png[]
All examples are generated for the particular user and issued for the particular client, with the specified value of the *scope* parameter. The examples include all of the claims and role mappings used.
Reference in New Issue View Git Blame Copy Permalink