Keycloak's AuthorizationResource.authorize processes only 100 resources

I'm using Keycloak 26.0.8 with Java SDK.

I'm calling AuthorizationResource.authorize() with permissionResourceFormat=uri. If, in the client I'm querying, there are more than 100 resources that fit the URI in the permissions request, Keycloak processes only the first 100 resources it finds, so I'm getting a partial response.

My questions:

• Is there an option for pagination in such case?
• Is there an option to change the limit of 100, or even remove it completely?
• Is there some best-practice to handle such case when i need the complete list of permissions?

Thanks

1. I think there is no pagination support for this case. The limitation is hardcoded in the AuthorizationTokenService.getResourceListByUri() method.

2. The limit is set as 100 by Constants.DEFAULT_MAX_RESULTS and cannot be modiefied. Even setting response_permissions_limit won't affect the limit.

3. I suggest a workaround for your problem: suddivide your queries into smaller batches using more specific URI patterns. Alternatively create multiple requests with different URI patterns and aggregate the results on the client side.