<div dir="ltr">If you are happy to do the login to the fat client from the browser this is possible. Take a look at our customer-app-cli example. In summary the way it works is:<div><br></div><div>* Native client starts a http server on localhost with any port (for example 10789)<br></div><div>* Native client opens the login link in the external desktop web browser<br></div><div>* Keycloak redirects to "<a href="http://localhost:10789">http://localhost:10789</a>"</div><div>* The native client can now read the code query param from the request sent to the http server it started</div><div>* SSO done ;)</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 23 September 2015 at 07:42, Michael Gerber <span dir="ltr"><<a href="mailto:gerbermichi@me.com" target="_blank">gerbermichi@me.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div>Hi all,</div><div><br></div><div>I have got a fat client and a web application. The fat client uses the keycloak login in a build in browser. After that I am using the access token to get data from rest services from the web application. </div><div><br></div><div>Is it possible to open the web application from the fat client in a new browser and propagate the user credentials, so that the user does not have to reauthenticate?</div><div><br></div><div>kind regards</div><span class="HOEnZb"><font color="#888888"><div>Michael</div></font></span></div>
<br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div>