<p dir="ltr">Well, this example answers the asked question, so many thanks Scott. However, I still have some doubts. </p>
<p dir="ltr">In the given code, the database service can only be accessed from another client (bearer only). However, let's suppose I also want to have access to its endpoints from a Web browser, for pure administrative purpose and only with the ADMIN role. I should change the access to confidential. Then I want to access the service from the customer app, but, since the current user role might not be ADMIN, I wouldn't be authorized for the remote access. </p>
<p dir="ltr">The only solution I can think for this is to keep the database service access bearer only and implement a specific database-ui service, which should replicate all the original endpoints (this involves adding a new endpoint to the ui service everytime I do it in the db service). </p>
<p dir="ltr">Is there a way for solving this which avoids having an specific ui service implemented? Sorry about all questions I'm still a starter! </p>
<p dir="ltr">Nire Sony Xperia™ telefonotik bidalita</p>
<br><br>---- Scott Rossillo igorleak idatzi du ----<br><br>Take a look at these Spring samples. It's set up automatically:<br><br><a href="https://github.com/foo4u/keycloak-spring-demo/blob/master/customer-app/src/main/java/org/keycloak/example/spring/customer/service/RemoteCustomerService.java">https://github.com/foo4u/keycloak-spring-demo/blob/master/customer-app/src/main/java/org/keycloak/example/spring/customer/service/RemoteCustomerService.java</a><br><div class="gmail_quote"><div dir="ltr">On Tue, Dec 29, 2015 at 12:31 PM Aritz Maeztu <<a href="mailto:amaeztu@tesicnor.com">amaeztu@tesicnor.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
At this moment there's a KeycloakRestTemplate to use it in Spring
which allows an end user to retrieve data from other keycloak
clients. However, a client might also be interested in accessing
data with its own permissions and with no user interaction. Is there
any implementation of a RestTemplate to utilize client service
accounts and, if not, are there any plans to write it? This <a href="https://github.com/keycloak/keycloak/blob/master/examples/demo-template/service-account/src/main/java/org/keycloak/example/ProductServiceAccountServlet.java" target="_blank">demo
</a>seems to do it manually.<br>
<br>
Regards<br>
<div>-- <br>
<div>
<table style="width:600;border-collapse:collapse">
<tbody>
<tr>
<td style="border-bottom-width:1px;border-bottom-style:solid;border-bottom-color:#989898"> <span style="font-weight:bold">Aritz Maeztu OtaƱo</span><br>
<span style="font-size:12px">Departamento Desarrollo
de Software</span> </td>
<td style="border-bottom-width:1px;border-bottom-style:solid;border-bottom-color:#989898;padding-left:20px"> <a href="https://www.linkedin.com/profile/preview?vpa=pub&locale=es_ES" target="_blank">
<img src="cid:part2.07090107.03080009@tesicnor.com" border="0">
</a> </td>
</tr>
<tr>
<td> <a href="http://www.tesicnor.com" target="_blank"> <img src="cid:part4.04050905.06000504@tesicnor.com" border="0" width="143">
</a> </td>
<td style="font-size:12px">
<p style="padding-left:20px"> <span>Pol. Ind.
Mocholi.</span> <span>C/Rio Elorz, Nave 13E </span><span style="font-weight:bold">31110 Noain (Navarra)</span><br>
<span>Telf.: 948 21 40 40</span> <br>
<span>Fax.: 948 21 40 41</span> <br>
</p>
</td>
</tr>
<tr>
<td colspan="2"> <span style="color:#009900;font-size:12px">Antes de imprimir este e-mail piense bien si es
necesario hacerlo: El medioambiente es cosa de todos.</span>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></blockquote></div>