Keycloak - Kong - Authorization - JavaScript Web App

Hey, im very new in Keycloak and AuthN/AuthZ. We want to Secure our JavaScript WebSite with Keycloak. The Website is on a Docker Image and goes over the API GW Kong. Kong and Keycloak are on another docker Image. The Authentification and protection of the Website with Keycloak and Kong works very good. But i dont know how i could implement the Authorization. So For example i would restrict users from the Website if theyre in a different group or different role. With the Keycloak Admin Console i can adjust the roles, groups etc. and assign these to a user, but if i want to Login these user i can Login even though the user has a different role.

Could anyone help me to implement the Authorization? Maybe in the HTML Header with JavaScript? Thank you :slight_smile:

Currently I am working in a project that uses Keycloak as IdP (Identity Provider) and Kong as API Gateway. To do authorization using Keycloak authorization services we added two plugins in Kong (read the README for more details)