Checking permissions


I’ve read the docs and I’ve seen the section about obtaining permissions by using the “urn:ietf:params:oauth:grant-type:uma-ticket” grant type. From what I understand I have two options:

  1. Use the ‘permissions’ response_mode so that I get back all the resources which I have access to;
  2. Use the ‘decision’ response_mode to validate if access is granted.

Using the ‘permissions’ response mode doesn’t seem like a feasible solution since I’m expecting many resources to exist. The other option is to make a call to Keycloak to validate if access is allowed? When testing I saw that such a call easily takes 40 ms, does that mean that all my requests are delayed by 40 ms? Am I missing something?

Thanks for your help :slight_smile: