[keycloak-user] Problems with bearer-only client
Christoph Guse
info at flex-guse.de
Fri Oct 7 09:26:39 EDT 2016
Hi,
currently I have some trouble getting an Access Token using a
bearer-only client in combination with Keycloak 2.2.1.
In my Proof Of Concept realm (sso-poc) I created a client which was
configured to accept bearer-only authentication. If I got this right no
user login is needed and this client type is perfect for technical users.
Then I do a HTTP Post like this:
curl -X POST -F "grant_type=client_credentials" -F "client_id=auth-app2"
-F "client_secret=2fd7033a-1971-4855-b64c-b9783f1ff14d"
https://web-sso/auth/realms/sso-poc/protocol/openid-connect/token
<https://web-sso.services.emea.dir/auth/realms/sso-poc/protocol/openid-connect/token>
Unfortunately the response is not an AccessToken but the error message
{
"error": "invalid_client",
"error_description": "Bearer-only not allowed"
}
As I configured the client as bearer-only authentication, I'm a little
helpless and I ran out of ideas what I could do.
Any ideas?
Thank you in advance,
Christoph
More information about the keycloak-user
mailing list