He replied by email indeed to the external user. I just copy-pasted his reply here. Sorry for the misunderstanding.

Álvaro, you cannot simply write the comment. Please, be aware this issue come from an external user, so you have to email it. Right? Thanks

Answer from KeyRock IdM owner:

Hi,

as Cyril has comment, Keyrock (Horizon specifically) sets the permissions in the AuthZForce when a user configures them in the GUI.

To configure the host where AuthZForce is running you have to use this Horizon setting:

https://github.com/ging/horizon/blob/master/openstack_dashboard/local/local_settings.py.example#L624

BR
–
Álvaro

Hello,
I am the GE owner of Authzforce. I received your request below. As far as I know, it is the responsibility of the IdM to push the role and permissions to Authzforce, so I will ask the IdM owner.

Regards,
Cyril

----------------
Hello from Greece,

I am a developer and i have a setup in fiware lab with 2 VMs. One VM for
IDM, PEP Proxy and Authorization PDP and one for the Context Broker.
Everything works fine except Authorization PDP (AuthZForce). In fact i
cannot find a way to synchronize the roles and permissions of the IDM
(KeyRock) with the AuthZForce (now AuthZForce is allowing every request).
I found something about Docker, but I realy want to setup my own custom
system.
I would appreciate your help since i did not found anything in
StackOverflow (except the Docker solution). Thank you in advance.

George

Since January 1st, old domains won't be supported and messages sent to any domain different to @lists.fiware.org will be lost.
Please, send your messages using the new domain (Fiware-lab-help@lists.fiware.org) instead of the old one.
_______________________________________________
Fiware-lab-help mailing list
Fiware-lab-help@lists.fiware.org
https://lists.fiware.org/listinfo/fiware-lab-help
[Created via e-mail received from: =?UTF-8?B?zpPOuc+Oz4HOs86/z4IgzqfOsc+BzrnPhM6szrrOt8+C?= <chgiorgos13@gmail.com>]