[keycloak-user] Help using Keycloak for Mobile apps
Stian Thorgersen
sthorger at redhat.com
Mon Sep 12 02:39:22 EDT 2016
It's all standard OAuth2 stuff so there's plenty of material on Google that
describes how to do this.
That doesn't return a token it returns an authorization code. Take a look
at:
https://tools.ietf.org/html/rfc6749#section-3.1
That'll show you how to get the tokens. Then:
https://tools.ietf.org/html/rfc6749#section-6
Will show you how to refresh the token.
On 12 September 2016 at 00:23, Sam McCollum <smccollum at westmont.edu> wrote:
> Hi All,
>
> I'm working on a project with some fellow students and we are attempting
> to use Keycloak to manage the authentication and authorization for our java
> backend running on Wildfly. We've managed to retrieve a token which we
> believe to be an offline token by opening the following URL on the mobile
> client and intercepting a custom URL schema:
> http://keycloak.cs.westmont.edu/auth/realms/Westmont/protoco
> l/openid-connect/auth?redirect_uri=app.test://login&response
> _type=code&client_id=TestApp&scope=offline_access
>
> We hope that this doesn't bother you, but we are really struggling to
> figure out how to request the access token from the refresh token using the
> REST API as we haven't found any documentation or tutorials covering this
> use case.
>
> We are also hoping to open source our efforts at building a library for
> mobile apps to use with Keycloak.
>
> Please let us know if there is anything else you need to understand from
> us.
>
> Thanks in advance,
>
> Sam
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160912/0de3f418/attachment.html
More information about the keycloak-user
mailing list