[keycloak-dev] Direct grant always on
Marek Posolda
mposolda at redhat.com
Tue Jun 2 10:19:41 EDT 2015
Maybe we can have it "true" by default, as it will likely save a lot of
pain to many people. However I would not remove it as at least OAuth2
specs doesn't like it very well (Especially see 10.7
https://tools.ietf.org/html/rfc6749#page-57 ).
Maybe better alternative is to have the possibility to enable it for
master realm with something like the keycloak-bootstrap.json file, which
was planned to be added at some point (or maybe even have the option in
keycloak-server.json) ?
Marek
On 2.6.2015 15:04, Stian Thorgersen wrote:
> I propose we remove the option to enable/disable direct grant and always have it on. Alternatively we need an option to enable it without using the admin console.
>
> This is for users that want to use a CLI, or needs to do some automatic configuration when provisioning a KC.
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
More information about the keycloak-dev
mailing list