In the Keycloak 18upload-script feature had been removed and there is no possibility anymore to upload JS code using keycloak_openid_client_js_policy.code property.
According to the latest documentation all JS authorization policies have to be uploaded via JAR files only.
Please adapt keycloak_openid_client_js_policy to:
Not require code as mandatory attribute.
Allow set type property to "script-.js" where .js is a policy script file inside JAR.
Example how to create policy via Keycloak API :
curl -X POST '<keycloak_host>/auth/admin/realms/<realm_id>/clients/<clinet_id_uuid>/authz/resource-server/policy/js' \ -H 'Authorization: Bearer <JWT>' \ -H 'Content-Type: application/json' \ -d '{ "name": "JS Policy Example", "type": "script-task-service-access-policy.js", "logic": "POSITIVE", "decisionStrategy": "AFFIRMATIVE" }' task-service-access-policy.js - is a policy script packed into JAR according to documentation.
In the Keycloak 18 upload-script feature had been removed and there is no possibility anymore to upload JS code using keycloak_openid_client_js_policy.code property.
According to the latest documentation all JS authorization policies have to be uploaded via JAR files only.
Please adapt keycloak_openid_client_js_policy to:
Example how to create policy via Keycloak API :
curl -X POST '<keycloak_host>/auth/admin/realms/<realm_id>/clients/<clinet_id_uuid>/authz/resource-server/policy/js' \ -H 'Authorization: Bearer <JWT>' \ -H 'Content-Type: application/json' \ -d '{ "name": "JS Policy Example", "type": "script-task-service-access-policy.js", "logic": "POSITIVE", "decisionStrategy": "AFFIRMATIVE" }'task-service-access-policy.js - is a policy script packed into JAR according to documentation.