I am using keycloak in my application for authentication. But currently I need to implement an access list rule mapping so that I can determine whether a user has access to content or not.
Here is what I am trying to accomplish:
Does user have permission to API/entity
- If it does;
* Can it read ?
* Can it write ?
* Can it update ?
* Can it delete?
- If any of these questions yes then user can read, write, update and delete:
* Records that he/she created
* Records that created by his/hers management (role based hierarchy)
My question is that could it be implemented with this kind of authentication (access list) using keycloak?
