<div dir="ltr">Ok, thanks...are there any outstanding security concerns are there around that, as long as I use TLS?</div><div class="gmail_extra"><br><div class="gmail_quote">On Sat, Nov 14, 2015 at 8:45 AM, Bill Burke <span dir="ltr"><<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">We call these public clients and its the way our admin console works.<br>
Use our javascript adapter to obtain a token and make XHR requests to<br>
the server with the token.<br>
<div><div class="h5"><br>
On 11/13/2015 10:29 PM, David Hay wrote:<br>
> Hi,<br>
><br>
> Newbie here...<br>
><br>
> We're needing to secure an AngularJS application hitting our REST API<br>
> (and supporting customers hitting it directly).<br>
><br>
> I believe in this situation we need to utilize the Hybrid flow as there<br>
> is no way to secure the secret in AngularJS.<br>
><br>
> Does Keycloak support this?<br>
><br>
> Thanks!<br>
><br>
><br>
</div></div>> _______________________________________________<br>
> keycloak-user mailing list<br>
> <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
><br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
Bill Burke<br>
JBoss, a division of Red Hat<br>
<a href="http://bill.burkecentral.com" rel="noreferrer" target="_blank">http://bill.burkecentral.com</a><br>
_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
</font></span></blockquote></div><br></div>