[keycloak-user] Missing Basic Authentication functionality for connecting to an OpenId Identity Provider
Merckx, Ulrich
ulrich.merckx at vlaanderen.be
Fri Feb 23 08:20:35 EST 2018
Hi,
We are having an issue while connecting from keycloak to a certain OpenId Identity Provider.
The OpenId Provider only supports logging in with Basic Authentication (client_id and client_secret), as specified in
"token_endpoint_auth_methods_supported": [
"client_secret_basic”
]
Currently keycloak does only support ‘posting' the client_id and client_secret. This will not work with the OpenID Identity Provider.
Or maybe I don’t see how to configure it.
Code: https://github.com/keycloak/keycloak/blob/63efee6e158c4a06d4948819cb36ccf88bcf5e0f/services/src/main/java/org/keycloak/broker/oidc/AbstractOAuth2IdentityProvider.java#L423
Can you confirm connecting to an OpenId Identity Provider with Basic Authentication is not implemented in keycloak.
If this is not implemented I will make a JIRA issue.
The OAuth RFC also states that it is recommended to use Basic Authentication over Posting. (see: https://tools.ietf.org/html/rfc6749#section-2.3.1).
Kind regards,
Ulrich Merckx
Ontwikkelaar
DEPARTEMENT OMGEVING
Afdeling Data- en informatiebeheer en Digitale Maatschappij
T 02 553 00 00, M 0478 69 59 18
Koning Albert II-laan 20 bus 8, 1000 Brussel
www.omgevingvlaanderen.be<http://www.omgevingvlaanderen.be/>
www.milieuinfo.be<http://www.milieuinfo.be/>
[cid:88CF64B4-2C47-48FB-B4AF-3AEF93EE6B24 at mmis.be]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pastedGraphic_3.png
Type: image/png
Size: 5699 bytes
Desc: pastedGraphic_3.png
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20180223/0ad4b9f1/attachment.png
More information about the keycloak-user
mailing list