Symptoms
Logging in to the Event Streams UI as a Keycloak user fails with the message 403 Not authorized, indicating that the user does not have permission to access the Event Streams instance.
Causes
To access the Event Streams UI, the Keycloak user must either have the eventstreams-admin role or the admin role and be in a team with a namespace resource added for the namespace containing the Event Streams instance. If neither of these applies, the error will be displayed.
Resolving the problem
Assign access to users with an administrator role by ensuring they are in a group with access to the correct namespace.
If you configured Event Streams with Keycloak, assign access to the eventstreams-admin or the admin role.