<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Hi,<br>
<br>
the best is to start with documentation
<a class="moz-txt-link-freetext" href="http://docs.jboss.org/keycloak/docs/1.0-beta-3/userguide/html/index.html">http://docs.jboss.org/keycloak/docs/1.0-beta-3/userguide/html/index.html</a>
and also look at existing examples
<a class="moz-txt-link-freetext" href="https://github.com/keycloak/keycloak/tree/master/examples">https://github.com/keycloak/keycloak/tree/master/examples</a> .
Probably most useful for you might be
<a class="moz-txt-link-freetext" href="https://github.com/keycloak/keycloak/tree/master/examples/demo-template">https://github.com/keycloak/keycloak/tree/master/examples/demo-template</a>
. It has restful application "database-service", where you can
send secured REST requests with the bearer token attached to them.
Other applications in the directory are web applications, which
obtain bearer token from the Keycloak login . Product-portal and
customer-portal are JEE applications secured by Keycloak itself,
third-party and third-party-cdi is more traditional OAuth where
token is used just to retrieve the secured data from
"database-service" . See the README for more info. <br>
<br>
Example for CORS support is here:
<a class="moz-txt-link-freetext" href="https://github.com/keycloak/keycloak/tree/master/examples/cors">https://github.com/keycloak/keycloak/tree/master/examples/cors</a><br>
<br>
Marek<br>
<br>
On 25.7.2014 23:04, Harit Himanshu wrote:<br>
</div>
<blockquote
cite="mid:CADYyO+VKC0cSkbHvmY2vJerB9PJ_J_h4fmdc3bsLy1VtamYMFw@mail.gmail.com"
type="cite">
<div dir="ltr"><span
style="font-family:arial,sans-serif;font-size:13px">Hey Team,</span>
<div style="font-family:arial,sans-serif;font-size:13px"><br>
</div>
<div style="font-family:arial,sans-serif;font-size:13px">I am
been looking for answer to <a moz-do-not-send="true"
href="http://stackoverflow.com/questions/24769691/what-are-some-ways-to-secure-rest-apis"
target="_blank">http://stackoverflow.com/questions/24769691/what-are-some-ways-to-secure-rest-apis</a> and
found that keycloak is suitable for securing REST APIs using
OAuth 2.0.</div>
<div style="font-family:arial,sans-serif;font-size:13px"><br>
</div>
<div style="font-family:arial,sans-serif;font-size:13px">I am
looking for example where the following is demonstrated</div>
<div style="font-family:arial,sans-serif;font-size:13px">
a.) Third-party app registers and gets Access Token</div>
<div style="font-family:arial,sans-serif;font-size:13px">b.)
Third-Party app accesses Resource Server to access protected
resource by sending Access Token to REST API</div>
<div style="font-family:arial,sans-serif;font-size:13px">c.) and
How Token is validated.</div>
<div style="font-family:arial,sans-serif;font-size:13px"><br>
</div>
<div style="font-family:arial,sans-serif;font-size:13px"><br>
</div>
<div style="font-family:arial,sans-serif;font-size:13px">It is
mentioned in features of keycloak as </div>
<div style="font-family:arial,sans-serif;font-size:13px">
<ul style="margin:0px;padding:10px 0px 10px
15px;color:rgb(119,119,119);font-family:Helvetica,Arial,sans-serif;font-size:12px;line-height:18px">
<li style="margin-left:5px;list-style:none;padding:0px 0px
0px
20px;background:url(https://static.jboss.org/theme/images/magnolia/check-sprite.gif)
0px -124px no-repeat scroll transparent">OAuth Bearer
token auth for REST Services</li>
<li style="margin-left:5px;list-style:none;padding:0px 0px
0px
20px;background:url(https://static.jboss.org/theme/images/magnolia/check-sprite.gif)
0px -124px no-repeat scroll transparent"><span
style="background-color:transparent">OAuth 2.0 Grant
requests</span></li>
<li style="margin-left:5px;list-style:none;padding:0px 0px
0px
20px;background:url(https://static.jboss.org/theme/images/magnolia/check-sprite.gif)
0px -124px no-repeat scroll transparent">CORS Support</li>
</ul>
</div>
<div style="font-family:arial,sans-serif;font-size:13px">
Can you please guide me through examples?</div>
<div style="font-family:arial,sans-serif;font-size:13px"><br>
</div>
<div style="font-family:arial,sans-serif;font-size:13px">Thank
you</div>
<div class=""
style="font-family:arial,sans-serif;font-size:13px">
</div>
</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Fri, Jul 25, 2014 at 2:00 PM, Harit
Himanshu <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:harit.subscriptions@gmail.com"
target="_blank">harit.subscriptions@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Hey Team,
<div><br>
</div>
<div>I am been looking for answer to <a
moz-do-not-send="true"
href="http://stackoverflow.com/questions/24769691/what-are-some-ways-to-secure-rest-apis"
target="_blank">http://stackoverflow.com/questions/24769691/what-are-some-ways-to-secure-rest-apis</a>
and found that keycloak is suitable for securing REST
APIs using OAuth 2.0.</div>
<div><br>
</div>
<div>I am looking for example where the following is
demonstrated</div>
<div>a.) Third-party app registers and gets Access Token</div>
<div>b.) Third-Party app accesses Resource Server to
access protected resource by sending Access Token to
REST API</div>
<div>c.) and How Token is validated.</div>
<div><br>
</div>
<div><br>
</div>
<div>It is mentioned in features of keycloak as </div>
<div>
<ul style="margin:0px;padding:10px 0px 10px
15px;color:rgb(119,119,119);font-family:Helvetica,Arial,sans-serif;font-size:12px;line-height:18px">
<li style="list-style:none;margin-left:5px;padding:0px
0px 0px
20px;background:url(https://static.jboss.org/theme/images/magnolia/check-sprite.gif)
0px -124px no-repeat scroll transparent">OAuth
Bearer token auth for REST Services</li>
<li style="list-style:none;margin-left:5px;padding:0px
0px 0px
20px;background:url(https://static.jboss.org/theme/images/magnolia/check-sprite.gif)
0px -124px no-repeat scroll transparent"><span
style="background-color:transparent">OAuth 2.0
Grant requests</span></li>
<li style="list-style:none;margin-left:5px;padding:0px
0px 0px
20px;background:url(https://static.jboss.org/theme/images/magnolia/check-sprite.gif)
0px -124px no-repeat scroll transparent">CORS
Support</li>
</ul>
</div>
<div>
Can you please guide me through examples?</div>
<div><br>
</div>
<div>Thank you</div>
<span class="HOEnZb"><font color="#888888">
<div>+ Harit Himanshu</div>
</font></span></div>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-dev">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></pre>
</blockquote>
<br>
</body>
</html>