[keycloak-user] help with bearer + basic auth

Bill Burke bburke at redhat.com
Tue Jul 14 12:16:12 EDT 2015

IIRC, the basic auth switch is so that you can send the token via basic 
auth rather than as bearer auth.  This is really only useful when you 
can't use a keycloak adapter, but can implement a LoginModule or 
something.  It has nothing to do with basic auth.

On 7/14/2015 12:04 PM, John Casey wrote:
> On 07/14/2015 10:49 AM, Juraci Paixão Kröhling wrote:
>> On 07/14/2015 05:32 PM, John Casey wrote:
>>> ...but it doesn't seem to have a javascript UI or anything using bearer
>>> tokens to verify that it works that way.
>> Not sure I understood your question, but removing the "bearer-only" and
>> adding "enable-basic-auth" should be enough to have your server adapter
>> to accept both bearer tokens and basic auth.
> This is exactly what I'm trying to do. I've tried removing "bearer-only"
> and replaced it with "enable-basic-auth"...which has two effects:
> - basic auth via curl works (it didn't before the change)
> - the UI (using javascript adapter + bearer token) gets 400 Bad Request
> Are you using the javascript adapter to login for your UI, passing the
> bearer token to the server? I guess what I'm asking is if your
> application actually uses both methods (basic auth and bearer token)?
> I'm not sure how to filter my realm json to pare out the unnecessary
> stuff, but here's a gist containing the full file (it's on a test docker
> container, so no worries about security):
> https://gist.github.com/jdcasey/3f934fcd4967b99ebb05

Bill Burke
JBoss, a division of Red Hat

More information about the keycloak-user mailing list