[keycloak-user] Two way communication required between Keycloak Server and REST API BAckend Server?

Adrian Matei adrianmatei at gmail.com
Tue Jul 19 04:20:58 EDT 2016

Hi Stian,

Thank you for the confirmation.

Kind regards,

On Tue, Jul 19, 2016 at 8:45 AM, Stian Thorgersen <sthorger at redhat.com>

> The REST service doesn't need to communicate directly with Keycloak. The
> auth-server-url is required by a bearer only token mainly to verify the
> issuer in the token (it's the full url of the realm, not just the realm
> name).
> On 15 July 2016 at 16:34, Adrian Matei <adrianmatei at gmail.com> wrote:
>> Hi everyone,
>> Does a Keycloak secured REST Api on JBoss EAP 6.1 (access-type bearer
>> only) need to communicate with the Keycloak Server once the Adapter and
>> standalone.xml are properly configured?
>> Currently both servers are on the same DMZ zone, but we'd like to move
>> the REST Api Server in Intranet zone.
>> (test - the REST backend seems to be callable as long as the token is
>> valid, though the Keycloak Server was shutdown, but I ask myself why do I
>> need to specify the auth-server-url in standalone.xml, or keycloak.json
>> file)
>> Thanks
>> Adrian
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160719/1e4c7a4d/attachment.html 

More information about the keycloak-user mailing list