The problem Basic Keycloak permissions can be granted via the roles present in system clients. The realm-management client is used in most cases. However, there is a problem: existing permissions cannot be configured to meet your needs and provide too much access. You can make a user to manage all users in the realm or manage no one. There are two possible scenarios in this case. Only a limited number of developers have access to the realm, which makes them responsible for managing test users.

Stop the madness of Hybrid Cloud Identity You know, our team learned very early the difference between knowing the name of something and knowing something. You can look at a bird and say, “That’s a brown-throated thrush”, or in German, “Die Schwarzkehldrossel”, or in AWS, “arn:aws:iam::123456:user/Bob”. But knowing those names doesn’t tell you anything about the bird. And it certainly doesn’t tell you anything about Bob. How we build data platforms in the cloud today?