[keycloak-user] Frontend and backend on separate servers

Irtiza Ali iali at an10.io
Wed Jul 18 11:22:20 EDT 2018


I agree with you but i have to perform some operations thats why request go
through backend.

Its one of the ways to do it.

On Wed, 18 Jul 2018, 20:19 Nikola Malenic, <nikola.malenic at netsetglobal.rs>
wrote:

> But this is not what I would like to achieve. In your situation, I think
> your frontend could easily use Keycloak’s endpoints for authentication and
> authorization instead of calling your backend for such things.
>
> I would like to avoid writing proxy endpoints to Keycloak’s endpoints
> myself.
>
>
>
> *From:* Irtiza Ali [mailto:iali at an10.io]
> *Sent:* Wednesday, July 18, 2018 5:08 PM
> *To:* Nikola Malenic <nikola.malenic at netsetglobal.rs>
> *Cc:* keycloak-user <keycloak-user at lists.jboss.org>
> *Subject:* Re: [keycloak-user] Frontend and backend on separate servers
>
>
>
> I am not using keycloak frontend instead i am using my own app frontend to
> pass requests to my own app backend, that backend communicates with
> keycloak backend using  keycloak rest endpoints.
>
>
>
> On Wed, 18 Jul 2018, 20:01 Nikola Malenic, <nikola.malenic at netsetglobal.rs>
> wrote:
>
> If I understand correctly, what you proposed is to create one proxy
> backend application which would have same endpoints as Keycloak does and
> which would just pass requests from Keycloak frontend app to the Keycloak
> backend?
>
>
>
> *From:* Irtiza Ali [mailto:iali at an10.io]
> *Sent:* Wednesday, July 18, 2018 4:55 PM
> *To:* Nikola Malenic <nikola.malenic at netsetglobal.rs>
> *Cc:* keycloak-user <keycloak-user at lists.jboss.org>
> *Subject:* Re: [keycloak-user] Frontend and backend on separate servers
>
>
>
> It is difficult to integrate keycloak frontend flow with application. It
> work around is to use the keycloak rest endpoints.
>
>
>
>
>
> My use case:
>
>
>
> I have an app with frontend and backend running on different servers. I
> have a login endpoint in backend, once called with user credentials from
> frontend. That endpoint make another rest call to the keyclock auth
> endpoint, if authenticated it returns a json containing user's basic info
> and jwt based access_token. I used than token in subsequent requests to app
> backend.
>
>
>
> Feel free to ask if not clear.
>
>
>
> IA
>
>
>
> On Wed, 18 Jul 2018, 19:45 Nikola Malenic, <nikola.malenic at netsetglobal.rs>
> wrote:
>
> Can you explain how? Just to be clear, when I said Frontend (Angular app)
> I had Keycloak’s frontend in mind.
>
>
>
> *From:* Irtiza Ali [mailto:iali at an10.io]
> *Sent:* Wednesday, July 18, 2018 4:42 PM
> *To:* Nikola Malenic <nikola.malenic at netsetglobal.rs>
> *Cc:* keycloak-user <keycloak-user at lists.jboss.org>
> *Subject:* Re: [keycloak-user] Frontend and backend on separate servers
>
>
>
> One way to acheive this is by using the keycloak's rest endpoints.
>
>
>
> On Wed, 18 Jul 2018, 19:36 Nikola Malenic, <nikola.malenic at netsetglobal.rs>
> wrote:
>
> Is it possible to achieve this with Keycloak Security Proxy and how?
> Also, I've seen it is deprecated now.
>
> Many thanks,
> Nikola
>
> -----Original Message-----
> From: keycloak-user-bounces at lists.jboss.org
> [mailto:keycloak-user-bounces at lists.jboss.org] On Behalf Of Nikola Malenic
> Sent: Friday, July 13, 2018 9:49 AM
> To: keycloak-user at lists.jboss.org
> Subject: [keycloak-user] Frontend and backend on separate servers
>
> I would like to host backend on secured network, i.e. it would be
> accessible
> only from certain IPs.
>
> Frontend (Angular application) would be served by different server in
> public
> zone, which would have access to the secured network because requests from
> it's IP would be allowed to go through firewall.
>
>
>
> Is it possible to achieve this in an easy way? I wouldn't like to implement
> proxy endpoints for all backend services in secured zone.
>
>
>
> Many thanks,
>
> Nikola
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>


More information about the keycloak-user mailing list