Obtain permissions without a user token, only by user id

We are using keycloak for authorization as well as authentication, since the management is excellent. We have a lot of a resources, let’s say orders, that are managed by the application backend (aka resource server) and given permissions and policies for specific users.

The use case is that during certain actions of others, when the user not online (we have only his keycloak user id in the DB) we need to check if User A has scope B permission in resource C. This sounds like a very basic call to me, but with the authz client i cannot find a resource that can satisfy this requirement. They all need a user token or a uma ticket. We need a simple params → true/false evaluation. How can we handle this? Thank you in advance.

Hey, I’m on a similar situation. Did you find a solution to it?