[keycloak-user] Realm Keys Public Access
Marek Posolda
mposolda at redhat.com
Thu Sep 28 03:47:57 EDT 2017
Yes, it is possible and our adapters are using it. It's like
http://localhost:8081/auth/realms/master/protocol/openid-connect/certs
(replace your protocol, server, port and realm).
Marek
On 25/09/17 23:03, Russell Davies wrote:
> Is there any way to access the realm keys without making an authenticated
> request? That is by making a GET request to `/auth/admin/realms/{realm
> name}/keys` without an authorization token.
>
> I ask because when I add a new service, that needs to verify a JWT sent to
> it, I have to manually authenticate, get the public key and then configure
> a JWK from that. It would be easier if I could just tell me service the URL
> and it would fetch the public key from the Keycloak API.
>
> The response for the keys doesn't include any private information so I
> don't see any issue in regard to security. Or am I missing something, or is
> there another way to do this?
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list