[keycloak-user] Where do I find the secret to verify a token
Bruno Mairlot
bruno at maehdros.com
Wed Dec 26 08:14:38 EST 2018
Dear List Members,
I am working on implementing a Single Sign On with keycloak and I have
implemented the Standard Flow, I can exchange the Authorization Grant to
receive the tokens, but I cannot find a way to verify them.
Each time I try to check the token, classical tools like jwt.io or
https://www.jsonwebtoken.io/ says the signature is incorrect.
I would like to know, which secret does Keycloak use to sign (with
HS256) the tokens ? And where can I find it ?
I tried the client secret, but it seems wrong to me.
Many thanks for your help,
Cheers,
Bruno Mairlot
More information about the keycloak-user
mailing list