I’m looking into using Keycloak to handle all my auth needs and after messing around with a dockerized Keycloak instance for a while, I’m having trouble figuring out how best to structure things. Here’s a simplified version of my use case.
Let’s say I have a bunch of spring boot micro-services. Conceptually, what I’d like is the following. For each service I would have a number of named ‘profile templates’ with properties attached. Each user of the service would be assigned one (and only one) template and would inherit its properties as default values. These values could also be overridden on a per-user basis. There would also be service properties outside of these templates.
So for instance for a todo management service, a user could have a property ‘expiry_date’ and be assigned a profile ‘limited’. It would inherit a property ‘max_todos’ from this profile with a default value of 5 but override this value to 10.
How could this be achieved?