[keycloak-user] Keycloak client
Dmitry Telegin
dt at acutus.pro
Thu Jun 21 21:34:35 EDT 2018
Hi Vinay,
In Keycloak, client is (simply speaking) a combination of base URL,
protocol (OIDC/SAML), roles and authorization rules. So, if your
application lives under a single base URL, it's simply impossible to
have many clients per application. Moreover, an adapter (that you use
to secure your application) is configured for a particular client.
Hence, there is a 1-to-1 relationship between an application and a
client.
However, if your application is heterogeneous, i.e. consists of
separate components living under different base URLs (and created with
different technologies), you will have to define individual clients for
them.
Resource is an URI under client's base URL, and is used to define fine-
grained authorization rules within that client.
Cheers,Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+ 42 (022) 888-30-71
E-mail: info at acutus.pro
В Thu, 21/06/2018 в 12:50 -0400, Vinay пишет:
> Hi there,
> In what scenario an application should have multiple clients defined
> in the
> keycloak server ? How keycloak client defers from a resource ? I
> understand
> it is an application that asks for an authentication, but I am not
> sure
> when do we need multiple clients in an application. What is the basis
> for
> defining clients ?
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list