Closed jaakkom closed 11 months ago
@jaakkom That's currently the behavior.
I don't recommend that anyone use the Keycloak Admin UI for anything other than super-admin use cases, as there have been lots of problems historically, and "fine grained admin permissions" never really got fully built out.
If you want to PR the change in order to make , I would suggest requiring the following realm-management
roles:
query-organizations
manage-organizations
view-identity-providers
manage-identity-providers
view-users
query-users
as those all get used to render the "Organizations" tab properly.
For use cases where you want your users who are members of organizations to be able to self-manage organization, we created an "organization portal" application. https://github.com/p2-inc/phasetwo-admin-portal . It's bundled in our docker image, or you can build and deploy it from that repo.
Hello, Looks like user needs "realm-admin" to make organization extension settings visible in admin ui.
I think query-organizations and manage-organizations should be enough?
Realm-admin gives permission to about everything.
Is that expected behavior or BUG?