<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Calibri, sans-serif;">
<div>If you use the keycloak-spring-boot adapter, it only supports basic authentication (username + password).</div>
<div>If you use the keycloak-spring-security adaptor, it gives more options including bearer token support.</div>
<div><br>
</div>
<div>The bearer token is the access token put into the http header. Specifically you set the “Authentication” header with “Bearer {access token}”.</div>
<div>You get the access token from the oauth 2 login process.</div>
<div>A good example of code is available in keycloak/examples/cors.</div>
<div><br>
</div>
<div>—Doug</div>
<div><br>
</div>
<span id="OLK_SRC_BODY_SECTION">
<div style="font-family:Calibri; font-size:11pt; text-align:left; color:black; BORDER-BOTTOM: medium none; BORDER-LEFT: medium none; PADDING-BOTTOM: 0in; PADDING-LEFT: 0in; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid; BORDER-RIGHT: medium none; PADDING-TOP: 3pt">
<span style="font-weight:bold">From: </span>Anunay Sinha <<a href="mailto:anunay.sinha@arvindinternet.com">anunay.sinha@arvindinternet.com</a>><br>
<span style="font-weight:bold">Date: </span>Tue, 8 Sep 2015 16:05:39 +0530<br>
<span style="font-weight:bold">To: </span><<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>><br>
<span style="font-weight:bold">Subject: </span>[keycloak-user] Help with keycloak integration with Spring boot rest api<br>
</div>
<div><br>
</div>
<div dir="ltr">Hi Everyone,
<div>I am new to both spring and keycloak and I do admit that am writing this before exhausting all my options, but I have spent quite a good amount of time on this.</div>
<div><br>
</div>
<div>So here is my deal.</div>
<div>I have created a spring boot rest api and have tested it.</div>
<div>Next I was trying to integrate it with keyCloak </div>
<div> I modified my gradle for keycloak</div>
<div> I configured a client in KeyCloak admin console. It was bearer only.</div>
<div>
<div><br>
</div>
<div>{</div>
<div> "realm": "TestMyAccount",</div>
<div> "realm-public-key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqKhSVCGWBxzT5nFByxE1EbJ7YVo05JxO4wVVJJsp25gy7GQhR89qidSUkT3onlc4jLEDH5hLt/mszuDSmSUAHrHhSrTWbgF6Ii4L1fwU57+a6W2vVDI3UvSeTxiTnIrvpeD7g9hw/cscOMD7ngiqFAuh0fLj6IS4mmMfGsVf35IfiHpEfRpTS+Th/Y48AAYxJxbZlmNmJe91xCxdbPi36tb2Ecv7kPnXdI3a+ZhSm/NhP3ZYURu9SWcXlCJfRcOo9eATgGu2PruOsrHKl/YKf3+nGTDSmiHLOCRoL2gvedgr/3VzsEFpcJRjrNCWaKhsgMSdr+0N/CDOA6TR76uewIDAQAB",</div>
<div> "bearer-only": true,</div>
<div> "auth-server-url": "<a href="http://127.0.0.1:8080/auth">http://127.0.0.1:8080/auth</a>",</div>
<div> "ssl-required": "none",</div>
<div> "resource": "AIL_MYACCOUNT"</div>
<div>}</div>
</div>
<div><br>
</div>
<div>Next I added the following items to my application.properties</div>
<div><br>
</div>
<div>
<div>keycloak.realm = TestMyAccount</div>
<div>keycloak.realmKey = MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqKhSVCGWBxzT5nFByxE1EbJ7YVo05JxO4wVVJJsp25gy7GQhR89qidSUkT3onlc4jLEDH5hLt/mszuDSmSUAHrHhSrTWbgF6Ii4L1fwU57+a6W2vVDI3UvSeTxiTnIrvpeD7g9hw/cscOMD7ngiqFAuh0fLj6IS4mmMfGsVf35IfiHpEfRpTS+Th/Y48AAYxJxbZlmNmJe91xCxdbPi36tb2Ecv7kPnXdI3a+ZhSm/NhP3ZYURu9SWcXlCJfRcOo9eATgGu2PruOsrHKl/YKf3+nGTDSmiHLOCRoL2gvedgr/3VzsEFpcJRjrNCWaKhsgMSdr+0N/CDOA6TR76uewIDAQAB</div>
<div>keycloak.auth-server-url = <a href="http://127.0.0.1:8080/auth">http://127.0.0.1:8080/auth</a></div>
<div>keycloak.ssl-required = external</div>
<div>keycloak.resource = AIL_MYACCOUNT</div>
<div>use-resource-role-mappings = false</div>
<div>ssl-not-required = true</div>
<div>bearer-only = true</div>
</div>
<div><br>
</div>
<div>This is as per the <a href="http://keycloak.github.io/docs/userguide/html/ch08.html#spring-boot-adapter">
documentation</a> </div>
<div>I don't have a web.xml in my project and going as per the video tutorial I ignored those settings.</div>
<div><br>
</div>
<div>My access to api was restricted and it is asking me for the authorization.</div>
<div>But am not able to provide it. As per the example in the document, it seems like bearer only application work on tokens only.</div>
<div>-------------------------------------------------</div>
<div>Here is my first question. </div>
<div>Is there a way to generate the tokens for bearers only applications</div>
<div>-------------------------------------------------</div>
<div><br>
</div>
<div>To get the token I created another client, this time "confidential" redirecting to same base URI and used it to generate the access token</div>
<div><br>
</div>
<div>When am using this access token to access my API am still getting the 401 error.</div>
<div><br>
</div>
<div>Am not sure what am doing wrong and where am doing wrong.</div>
<div><br>
</div>
<div>Request you to please help me with this</div>
<div><br>
</div>
</div>
_______________________________________________ keycloak-user mailing list <a href="mailto:keycloak-user@lists.jboss.org">
keycloak-user@lists.jboss.org</a> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user">
https://lists.jboss.org/mailman/listinfo/keycloak-user</a></span>
</body>
</html>