[keycloak-user] iOS App login with Keycloak

Thomas Darimont thomas.darimont at googlemail.com
Thu Sep 29 08:21:59 EDT 2016


That's very interesting, thanks for sharing.

Has someone already used the AppAuth apps they mentioned in the google
developers article with Keycloak?
e.g.: https://github.com/openid/AppAuth-Android

Cheers,
Thomas

2016-09-29 12:14 GMT+02:00 Sebastien Blanc <sblanc at redhat.com>:

> Let's be careful with using Webviews, for instance, Google will soon block
> any OAuth interactions that use the webviews (
> https://developers.googleblog.com/2016/08/modernizing-oauth-
> interactions-in-native-apps.html ) , instead they recommand using the
> mobile browser. For Cordova apps, keycloak.js already works with
> inappbrowser that opens a "external" browser, isolated from the app.
>
> On Thu, Sep 29, 2016 at 11:35 AM, Stian Thorgersen <sthorger at redhat.com>
> wrote:
>
>> I highly recommend using an embedded webview and not use native login and
>> direct grant api. That is best practice both for Keycloak and OIDC in
>> general.
>>
>> On 26 September 2016 at 05:21, Joey <huazonglin at gmail.com> wrote:
>>
>>> Thanks Guys, sorry for reply so late. I will try your solutions later.
>>> thanks.
>>>
>>> On Thu, Sep 22, 2016 at 8:39 PM, Thomas Darimont
>>> <thomas.darimont at googlemail.com> wrote:
>>> > Hello,
>>> >
>>> > I adapted an Android based OpenID Connect Demo Application to work with
>>> > Keycloak.
>>> > In Keycloak I created a confidential client with direct access grants
>>> as
>>> > Scott described.
>>> >
>>> > https://github.com/thomasdarimont/android-openid-connect/tre
>>> e/feature/keycloak-oidc-demo
>>> > See the recent commits in the feature/keycloak-oidc-demo branch.
>>> >
>>> > Cheers,
>>> > Thomas
>>> >
>>> > 2016-09-22 13:57 GMT+02:00 Scott Rossillo <srossillo at smartling.com>:
>>> >>
>>> >> You can do that using direct access grants if you search the docs for
>>> it.
>>> >> However, we have native apps and just skinned our login pages to be
>>> >> responsive and look great on mobile.
>>> >>
>>> >> The latter option is a better approach especially if you plan to
>>> implement
>>> >> 2FA.
>>> >>
>>> >> On Thu, Sep 22, 2016 at 6:27 AM Joey <huazonglin at gmail.com> wrote:
>>> >>>
>>> >>> Hi Guys,
>>> >>>
>>> >>> We are building a system, including 3 subsystems for a big website.
>>> >>> and iOS and Android app. We use KeyCloak as the SSO server for all
>>> >>> subsystems, and then we also want to use KeyCloak for iOS and Android
>>> >>> as the login server. But for iOS, Android we want to use native login
>>> >>> page not the html page provide by KeyCloak adapter. but I read all
>>> >>> documents and discussions, I didnt find a way how to implement it.
>>> >>> Anybody can help me? thanks.
>>> >>>
>>> >>>
>>> >>> Joey
>>> >>> _______________________________________________
>>> >>> keycloak-user mailing list
>>> >>> keycloak-user at lists.jboss.org
>>> >>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>> >>
>>> >>
>>> >> _______________________________________________
>>> >> keycloak-user mailing list
>>> >> keycloak-user at lists.jboss.org
>>> >> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>> >
>>> >
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160929/07354c54/attachment.html 


More information about the keycloak-user mailing list