[keycloak-user] authz client incompatible with client definition

Bill Burke bburke at redhat.com
Mon May 15 09:38:12 EDT 2017


A client asks for a token on behalf of a specific user.  You ahve to 
provide the credentials of the user if you are doing a REST call to 
obtain a token (direct grant).  If the client is not public then you 
also have to provide the client's credentials. Finally, we have 
something called "service accounts".  This is something you can enable 
per client which allows the client to act as a user.  Hope that answers 
your question.


On 5/15/17 9:31 AM, Denny Israel wrote:
> I am writing a command line interface which needs to authenticate against
> keycloak. After creating the client definition in keycloaks admin console i
> copy the installation data (keycloak.json) into the cli. When i try to use
> the authz client i am not even able to create the client because it does
> not know the option "ssl-required". When i remove this option the client
> can be created but throws another exception when i call
> "obtainAccessToken", this time complaining about missing credentials. The
> credentials are missing because i made the client "public".
> Am i doing something wrong or do i missunderstand the purpose of the authz
> client?
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user



More information about the keycloak-user mailing list