[keycloak-user] Need help in resolving error with authorizing our app using Keycloak

[Ganga Lakshmanasamy]

Hi,

We have a web application which uses keycloak as its authentication server.
Currently, we have enabled keycloak only at our client side which is an
angular code. We would like to enable the keycloak security for our rest
services as well. So we did the following,
1. Created a new client in our realm for backend services with access type
"bearer-only".
2. Configured keycloak adapter in wildfly where our backend rest services
are deployed.
3. Added keycloak.json file of backend services client.
4. Logged into our application through our angular client and got the token.
5. Tried accessing the backend rest api with the access token sent as part
of header as below.
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJiMjc0ZTY3My0yOTg1LT
QwNmEtOWE0YS1...

Getting* 403 Forbidden access* error while invoking the rest service even
though the user has the required roles set. Please help us in resolving the
issue.

Regards,
Ganga Lakshmanasamy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160912/8b1e7b27/attachment.html