[keycloak-user] REST API security
Nils Preusker
n.preusker at gmail.com
Mon Apr 14 12:14:33 EDT 2014
Hi Bill,
ok, so 4.3 seems to be the way to go for us. Did I understand you correctly
that keycloak will continue to support this?
Cheers,
Nils
On Mon, Apr 14, 2014 at 4:39 PM, Bill Burke <bburke at redhat.com> wrote:
> You could use section 4.1 (Auth code grant) or 4.3 (Resource Owner
> Password Credentials Grant) with any OAuth library. 4.1 will require a
> browser. 4.3 doesn't.
>
> We will always support OAuth 2.0 through OpenID Connect.
>
> On 4/14/2014 10:34 AM, Nils Preusker wrote:
> > Hi Bill,
> >
> > I'm familiar with the examples, however I'm looking for a way to grant
> > third-party clients access to my API. Since they could be written in a
> > variety of languages, I'd like them to be able to obtain a token in a
> > defined way without being dependent on Keycloak.
> >
> > I suppose the approach Marek mentioned (OAuth spec section 4.3) should
> > do the trick though (as long as you are planning to continue supporting
> it).
> >
> > Cheers,
> > Nils
> >
> >
> > On Mon, Apr 14, 2014 at 3:32 PM, Bill Burke <bburke at redhat.com
> > <mailto:bburke at redhat.com>> wrote:
> >
> > Bearer token security. Take a look at the examples, specifically the
> > database-service. This is a pure REST service secured by keyloak.
> >
> > At the moment, we only have support for JBoss/Wildfly, but it
> wouldn't
> > take much to write an adapter for another java environment.
> >
> > On 4/12/2014 1:09 PM, Nils Preusker wrote:
> > > Hi all,
> > >
> > > I'm trying to figure out how I could use keycloak to secure a
> > REST API
> > > that is used bu a pure backend REST client. Do you have any
> > > recommendations for that (i.e. API keys)?
> > >
> > > Cheers,
> > > Nils
> > >
> > >
> > > _______________________________________________
> > > keycloak-user mailing list
> > > keycloak-user at lists.jboss.org <mailto:
> keycloak-user at lists.jboss.org>
> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
> > >
> >
> > --
> > Bill Burke
> > JBoss, a division of Red Hat
> > http://bill.burkecentral.com
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> >
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20140414/a75ff201/attachment.html
More information about the keycloak-user
mailing list