In Keycloak I see there is a CRUD API to create a resource (and scopes):

http://${host}:${port}/auth/realms/${realm_name}/authz/protection/resource_set

Create resource set description: POST /resource_set
Read resource set description: GET /resource_set/{_id}
Update resource set description: PUT /resource_set/{_id}
Delete resource set description: DELETE /resource_set/{_id}

But I don't see an API to CRUD Authorization Policies, Permissions.

I tried to create policies via the protection/resource_set endpoint but failed:

POST: "policies":[ {...} ] => Unrecognized field "policies"

Is there a way to CRUD Authorization Policies/Permissions via API?

(I'm not using a java client - I want to do this with postman)

Any help would be grateful

Ok found something ...

When requesting API endpoints like this you get the access to policies/permissions:

http://${host}:${port}/auth/admin/realms/${realm_name}/clients/${client_id}/authz/resource-server/policy/user/${policy_id}

But I still can't find something in the official documentation about this ...