[keycloak-dev] Remove realm json at "/auth/realms/<realm name>"
Bill Burke
bburke at redhat.com
Tue Aug 15 13:18:57 EDT 2017
The idea of that URL is to expose public information about the realm,
i.e. public cert/key and public endpoint urls. If this information is
not being used and we have other mechanisms in place, then yeah, remove it.
IMO, the jira you reference is unrelated. Its about shutting down the
admin console/API. As far as that goes, it would be cool to split up
keycloak into separate subsystems:
* backend (required)
* admin api/console
* account service
* authentication/brokering/token endpoints
Even have the admin api/console be exposed from a different bind
address/port.
On 8/15/17 8:00 AM, Stian Thorgersen wrote:
> I propose we remove the realm json returned at "/auth/realms/<realm name>"
> and just return an empty page
>
> * It can end-up being visible to end-users - we should rather have a realm
> welcome page / SSO landing page here
> * It's not used by anything AFAIK
> * From time to time people complain about it (
> https://issues.jboss.org/browse/KEYCLOAK-5279 for instance, there's more
> similar issues reported)
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
More information about the keycloak-dev
mailing list