[keycloak-dev] <kc:bearer-only> and BASIC auth
Thomas Raehalme
thomas.raehalme at aitiofinland.com
Fri Aug 21 11:17:33 EDT 2015
On Aug 21, 2015 6:09 PM, "Bill Burke" <bburke at redhat.com> wrote:
>
> BTW, I despise our Basic Auth option. One of the points of SAML/OIDC is
> that the application never has access to user credentials. Using Basic
> Auth violates that principle....But to each his own...
I understand your point of view. But from a user perspective having the
Basic auth option makes migration so much easier as you can migrate clients
one by one.
Best regards,
Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150821/285c7102/attachment-0001.html
More information about the keycloak-dev
mailing list