stesie/research
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
6 commits 1 branch 0 tags 67 KiB
  • Shell 100%
Find a file
Exact
Stefan Siegl 31bf06ea73 Experiment 2: two backends, per-backend role isolation 
- bootstrap2.md: full Keycloak setup for ui/cxc/backend-a/backend-b
- demo2.md: demonstrates clean role isolation using optional client scopes
- Key finding: KC26 allows scope upscoping during token exchange (optional
  scopes of the exchange client can be requested even if not in subject token)
- Two isolation layers: scope-as-audience-gate + audience param strips
  non-matching resource_access entries
- scripts/: helper scripts for each setup step
- notes.md, README.md: updated with experiment 2 findings
2026-03-19 08:07:32 +01:00
keycloak-offline-token 2nd try: user-held offline token passed to cxc — works in KC26 2026-03-18 23:46:01 +01:00
keycloak-token-exchange Experiment 2: two backends, per-backend role isolation 2026-03-19 08:07:32 +01:00
AGENTS.md initial commit. 2026-03-18 21:29:13 +01:00
README.md README. 2026-03-19 00:06:04 +01:00

README.md

Research projects carried out by AI tools

Each directory in this repo is a separate research project carried out by an LLM tool - usually Pi Coding Agent backed by Claude.

Every single line of text and code was written by an LLM.

This repository's layout is inspired by Simon Willison's "Research" repo.