[keycloak-user] Access Token And PRT(request party token), which one should I use to access the resource protected by keycloak

Pedro Igor Silva psilva at redhat.com
Mon Apr 17 07:22:47 EDT 2017


Hi,

If your resources are protected with a policy enforcer you should send a
RPT. This token is pretty much an access token with an additional claim
holding the permissions.

Regards.
Pedro Igor

On Mon, Apr 17, 2017 at 6:08 AM, Yizhou Jiang(Yizhou) <
yizhoujiang at hengtiansoft.com> wrote:

> Hi,
>                By reading the document of KeyCloak ,I found that I can use
> a Access-token  or a PRT(request party token) to access the resources
> protected by keycloak.
>
> 1  Use  PRT: https://keycloak.gitbooks.io/documentation/authorization_
> services/topics/enforcer/keycloak-enforcement-bearer.html
>
> GET /my-resource-server/my-protected-resource HTTP/1.1
> Host: host.com
> Authorization: Bearer ${RPT}
>
> 2  Use access token: https://github.com/keycloak/
> keycloak-quickstarts/blob/master/app-jee-html5/src/main/webapp/app.js
>
> line 38
>
> if (keycloak.authenticated) {
>        req.setRequestHeader('Authorization', 'Bearer ' + keycloak.token);
> }
>
>    I'm  confused about the  difference  between them.  I don't know  When
> I should use access token , and when I should use another one ?
> I am looking forward to your reply.
>
> thanks ,
> yizhou
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>


More information about the keycloak-user mailing list