[keycloak-user] How does a bearer only client validate
Pulkit Gupta
pulgupta at redhat.com
Wed May 31 08:14:49 EDT 2017
Hi All,
I have two keycloak client one is a public client using implicit flow and
authenticating the user via a redirect and then once the user is
authenticate the client receives a token.
This token is then passed to a REST based backend service which validate it
before providing access to the API data.
I am looking for more information on how does a bearer only client
validates the token which it receives from the JavaScript based public
client. I will also be interested to understand more about the relationship
of these two clients based on scope to make this setup work
--
PULKIT
More information about the keycloak-user
mailing list