[keycloak-user] REST API security

Bill Burke bburke at redhat.com
Mon Apr 14 10:39:14 EDT 2014 

You could use section 4.1 (Auth code grant) or 4.3 (Resource Owner 
Password Credentials Grant) with any OAuth library.  4.1 will require a 
browser.  4.3 doesn't.

We will always support OAuth 2.0 through OpenID Connect.

On 4/14/2014 10:34 AM, Nils Preusker wrote:
> Hi Bill,
>
> I'm familiar with the examples, however I'm looking for a way to grant
> third-party clients access to my API. Since they could be written in a
> variety of languages, I'd like them to be able to obtain a token in a
> defined way without being dependent on Keycloak.
>
> I suppose the approach Marek mentioned (OAuth spec section 4.3) should
> do the trick though (as long as you are planning to continue supporting it).
>
> Cheers,
> Nils
>
>
> On Mon, Apr 14, 2014 at 3:32 PM, Bill Burke <bburke at redhat.com
> <mailto:bburke at redhat.com>> wrote:
>
>     Bearer token security.  Take a look at the examples, specifically the
>     database-service.  This is a pure REST service secured by keyloak.
>
>     At the moment, we only have support for JBoss/Wildfly, but it wouldn't
>     take much to write an adapter for another java environment.
>
>     On 4/12/2014 1:09 PM, Nils Preusker wrote:
>      > Hi all,
>      >
>      > I'm trying to figure out how I could use keycloak to secure a
>     REST API
>      > that is used bu a pure backend REST client. Do you have any
>      > recommendations for that (i.e. API keys)?
>      >
>      > Cheers,
>      > Nils
>      >
>      >
>      > _______________________________________________
>      > keycloak-user mailing list
>      > keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
>      > https://lists.jboss.org/mailman/listinfo/keycloak-user
>      >
>
>     --
>     Bill Burke
>     JBoss, a division of Red Hat
>     http://bill.burkecentral.com
>     _______________________________________________
>     keycloak-user mailing list
>     keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
>     https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

More information about the keycloak-user mailing list