How can I set multiple roles in the keycloak.protect()?

Asked Mar 03 '23 at 09:41

Active Mar 03 '23 at 09:41

Viewed 228 times

I'm using keycloak.protect('user') in nodejs (keycloak-connect lib) for my APIs to allow only user role and it works.

How could I add multiple roles in the keycloak.protect()? I tried with the keycloak.protect(['user','admin']) but it allows anyone with a valid token (it looks like to have the same behavior of keycloak.protect())

asked Mar 03 '23 at 09:41

pasquy73

1

Probably I found the workaround by using a function (instead of string): – pasquy73 Mar 08 '23 at 09:27
1

function test(token, request){ return token.hasRole('user') || token.hasRole('admin'); } – pasquy73 Mar 08 '23 at 09:27
1

router.get('/api/:service', keycloak.protect(test), function (req, res) { ... } – pasquy73 Mar 08 '23 at 09:29

How can I set multiple roles in the keycloak.protect()?

0 Answers0