1 | initial version |
Keycloak provides a feature called "Policy Script" where claims can be pushed to policies based on regular expressions using JavaScript. The Policy Script allows for custom validation of a policy request before it is granted or denied.
To use regular expressions in Policy Script:
var regex = new RegExp('your-regular-expression');
if (regex.test(claim-value)) {
// Add the claim to the policy
policy.addClaim('your-claim-name', 'your-claim-value');
}
Now, when a user tries to access a resource that requires the policy, Keycloak will execute the Policy Script and add the claim to the policy if the regular expression matches the claim value.