[keycloak-user] Securing 3rd party APIs
Pavel Maslov
pavel.masloff at gmail.com
Tue May 17 10:45:25 EDT 2016
Thanks Bill, that's what I was looking for. Will take a look.
Regards,
Pavel Maslov, MS
On Tue, May 17, 2016 at 4:43 PM, Bill Burke <bburke at redhat.com> wrote:
> See Keycloak Proxy.
>
> On 5/17/16 10:38 AM, Bruno Oliveira wrote:
> > Hi Pavel, isn't something like this
> http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#d4e1006
> > enough?
> >
> > On 2016-05-17, Pavel Maslov wrote:
> >> Hi all,
> >>
> >>
> >> Suppose we have a 3rd party REST API, which is not secured. How could we
> >> integrate OAuth2.0 authentication using Keycloak? My first guess is to
> >> create a mediation service (written in Java), which will use the
> Keycloak
> >> Java adapter and will authenticate users based off the security_token
> >> (passed to the mediation service with each request), and forward all
> >> requests (including headers) to the 3rd party REST API (unsecured).
> >>
> >> Does it make any sense? If so, has anyone written something similar?
> >>
> >> Thanks.
> >>
> >> Regards,
> >> Pavel Maslov, MS
> >> _______________________________________________
> >> keycloak-user mailing list
> >> keycloak-user at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> > --
> >
> > abstractj
> > PGP: 0x84DC9914
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160517/82a0aa65/attachment.html
More information about the keycloak-user
mailing list