Keycloak 9.0.2 One permission for multiple resources bugs

Hi to all.

I’m using Keycloak 9.0.2.

I have a lot of resources, let call them r1,r2,r3… and a lot of roles.
For each role I’ve a policy P1,P2,P3.

To avoid the creation of multiple permission, i want to create some permissions:

   name: perm1
   resources : r1,r2,r3,r4,r5
   policy : p1
   name: perm2
   resources : r1
   policy : p2

Via web GUI
It’s not possible to create those permissions.

Via Java Code
It is possible and it works:

Set<String> names = new HashSet<>();
permission = new ScopePermissionRepresentation();
            Response response = permissionResource.create(permission);

In the web GUI, if I open perm1 and I add a new policy for instance, when I save the permission only the showed reseource is saved, all the other resources are lost.

I cannot delete a resource if it’s in a multi-resource-permission : i got an error:

ERROR [] (default task-276) Uncaught server error: java.lang.NullPointerException
at org.keycloak.authorization.admin.ResourceSetService.getPermissions(
at sun.reflect.GeneratedMethodAccessor1065.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(
at java.lang.reflect.Method.invoke(
at org.jboss.resteasy.core.MethodInjectorImpl.invoke(
at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(
at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(

It’s really difficult to manage theese permission.

Does the new Keycloak versions resolve these problem?

Am I concectually wrong on permission-usage?

Are there some news? Is it solved in a new version?

I use this procedure to create permission for a menu, where the policy is the role and the resources are the entries in the menu, so it’s frustating to have one permission for each menu-entry or a single permission that i cannot manage (like adding new entries or new policy).


Did you find a solution to this? Or did you create a Issue for this problem?

It looks like the bug is still here in Keycloak 15.0.2.
I submitted an issue: [KEYCLOAK-19683] Cannot assign multiple resources to single permission - Red Hat Issue Tracker.