[keycloak-user] UMA vs OAuth

Dmitry Pichugin pdomsk at gmail.com
Wed Aug 15 06:35:30 EDT 2018


Good day!

We are using Keyclaok in our project, have installed version 4.2.1.

Our task:

- integration with API gateway and use KeyCloak for resources protect.

We would be to use "Client Credentials Flow" from OAuth specs. But during
version 4, KeyCloak does not support OAuth and is recommended to apply UMA
2.0.

Yes, the differences between UMA and OAuth not huge, as a request and
response(JWT token) formats, UMA has specific logic with RPT-token etc and
UMA gives some advantages(we do not have the plan to use it).

We try to make a request in OAuth specs but got the error.

Why does KeyCloak not support OAuth and UMA 2.0 same time? Do you have some
specific reasons for this?

Thank you!

Best regards. Dmitry Pichugin.


More information about the keycloak-user mailing list