[keycloak-user] Direct Access grant vs SPA theme
Wyns Dean
dean.wyns at aptus.be
Wed Oct 17 09:43:59 EDT 2018
Hi
We're developing an application that has a more extensive login flow than Keycloak offers by default.
Our first thought was to develop the login flow ourselves in our web application, using the Direct Access grant. In this case, we'd need to maintain the login session ourselves. We'd need to proxy the requests and inject the access token in the headers, and renew the access token using the refresh token if necessary.
So we're instead looking to implement a theme that implements this login flow using a small SPA. Is this something that the theme system is capable of? Is this recommended over the previously mentioned approach (direct grant)?
Thanks in advance for any feedback
Dean
More information about the keycloak-user
mailing list