Skip to main content
Version: Next

Resource management

Identity manages resources like users, groups, roles, and tenants. But where are they saved and how are they referenced?

Identity resourceKeycloak resource (and how it is filtered)
ApplicationClient (without authorization)
Application/permissionsClient/Service Account roles
APIClient (with authorization)
API/permissionsClient/Roles
RoleRealm role (with attribute camunda_role=true)
Role/permissionsRealm role/Associated role
GroupGroup
Group/MemberGroup/Member
Group/Authorization*(not saved to Keycloak)
Group/RolesGroup/Role mapping
UserUser
User/Assigned roleUser/Role mapping
User/Authorization*(not saved to Keycloak)
Tenant*(not saved to Keycloak)
Tenant/Assigned user*(not saved to Keycloak)
Tenant/Assigned group*(not saved to Keycloak)
Tenant/Assigned application*(not saved to Keycloak)

* This resource is only activated with the according feature flag.