[keycloak-user] Application to Application OAuth using KeyCloak Clients
Raja Sekhar
rkonkala at yahoo.com
Thu Oct 6 14:59:01 EDT 2016
I have a REST Service and multiple REST Clients. There is no user interaction involved in this case, communication is APP to APP. I need to use Java Servlet Filter Adapter as there is no Adapter for WebLogic. Please help me setting up my REST Service Keycloak client and my REST Client Keycloak Clients.
I used OpenID Bearer-Only KeyCloak client on my Service side and OpenID Confidential KeyCloak Client on my Client side. Using a user credentials and OpenID Confidential KeyCloak Client secret I am able generate an access token and able to make calls to my secured Service. (Service is configured with OpenID Bearer-Only KeyCloak client). Any user with or with out a role assigned to them can generate the access token using the OpenID confidential KeyCloak client and able to make calls to my secured service. (How to configure bearer-only KeyCloak client to filter or accept certain users who are using OpenID confidential KeyCloak clients) Thanks and Regards
Raja Konkala
More information about the keycloak-user
mailing list