[keycloak-user] Guidelines about OAuth use case

[Jérôme Blanchard]

Hi all,

I must admit that OAuth sometimes appears a little complex for me and I
have a use that I'd like to submit in order to collect opinion and/or best
practice.

My application components are :
- a keycloak server configured.
- a REST API (/api) protected using WAR adapter
- a Angular GUI client of this REST API using JS Adapter
- another REST API (/tools)

The /tools API is accessed by the Angular GUI but is also a client of the
REST API (/api)

The /tools application have a rest-api-client.jar embedded that support
Credentials Client Grant to ensure OAuth authentication in order to access
the /api REST interface.

What I expected to do was to allow the Angular JS to propagate its
authentication in order to allow the /tools application to access /api
authenticated also.

I'm facing the problem on how to propagate the JS Adapter authentication to
the /tools application to allow it to use in the rest client ?

I did not mention that the /tools application is a background task manager
that could run a long time away after tool job submission...

I'm pretty lost in all the OAuth grant scenari and any suggestion should be
highly appreciated.

Thanks in advance, Jérôme.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150106/04d320bc/attachment.html