[keycloak-user] Is it possible to use a non Keycloak client to call a Keycloak secured Rest services?
Christina Lau
christinalau28 at icloud.com
Tue Jul 15 12:00:30 EDT 2014
Ok great. Is it correct to map this admin-client approach to what is typically call 2-legged OAuth, and the tutorial 3 approach to 3-legged OAuth?
On Jul 15, 2014, at 11:44 AM, Bill Burke <bburke at redhat.com> wrote:
> using admin-client is fine.
>
> On 7/15/2014 11:38 AM, Christina Lau wrote:
>> Thanks Bill, it works. However I noticed that it is using the admin-client as the OAuth client for granting access to all users in the same realm. i.e. after I created my own realm, I have to add admin-client to my own realm in order for this to work.
>>
>> New Question: Do you recommend we use admin-client as a generic OAuth client for getting the access token, or should each user have their own OAuth client app like what you show in Keycloak tutorial 3? I am not yet understanding their differences. Using admin-client OAuth client seems more straightforward without the extra grant page and without the need to create more OAuth clients. I just want to make sure that it is intended to be use this way for client making Restful service calls secured by Keycloak. The Keycloak notion still seems to be exposed a little bit, but it is not too bad.
>>
>> Thanks for your help.
>>
>> Christina
>>
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
More information about the keycloak-user
mailing list