<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif";
        mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
        {mso-style-priority:99;
        mso-style-link:"Balloon Text Char";
        margin:0cm;
        margin-bottom:.0001pt;
        font-size:8.0pt;
        font-family:"Tahoma","sans-serif";
        mso-fareast-language:EN-US;}
span.EmailStyle17
        {mso-style-type:personal-compose;
        font-family:"Calibri","sans-serif";
        color:windowtext;}
span.BalloonTextChar
        {mso-style-name:"Balloon Text Char";
        mso-style-priority:99;
        mso-style-link:"Balloon Text";
        font-family:"Tahoma","sans-serif";}
.MsoChpDefault
        {mso-style-type:export-only;
        font-family:"Calibri","sans-serif";
        mso-fareast-language:EN-US;}
@page WordSection1
        {size:612.0pt 792.0pt;
        margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
        {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-AU" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal">Hi,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Up until recently I automatically selected to use implicit grant flow from SPAs, but lately I’ve been re-assessing this since the keycloak javascript adapter provides standard flow out of the box and makes that a viable option. I also
note that the keycloak admin console is a HTML5/javascript/angular js app that uses the keycloak js adapter and uses the standard flow. As a side note I find the client defaults interesting in that Implicit flow is disabled, but direct access grants are enabled
(I’m coming from a mitreid connect implementation where direct access grants where disabled by default and implicit flow was enabled, so just wonder what the thinking is behind this since direct access grants are discouraged).<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I’m really wondering why are you pushing standard flow from the keycloak javascript adapter instead of implicit? What are the benefits that make standard flow better in this case? One thing I have seen mentioned is refresh tokens obtained
in standard flow make it easy to get a new access token, but I thought you could get refresh tokens from the implicit flow anyway, and even if not, if a user logs in with “remember me”, then getting a new access token doesn’t require re-entering credentials
by the user. I want to make sure that when implementing keycloak in our SPA we choose the best flow and want to know if there’s some reason standard flow is best.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100.0%">
<tbody>
<tr>
<td width="190" style="width:142.5pt;background:white;padding:0cm 14.25pt 0cm 7.5pt">
<p class="MsoNormal" style="margin-bottom:15.0pt"><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#1F497D;mso-fareast-language:EN-AU">Regards,</span><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#1F497D;mso-fareast-language:EN-AU"><o:p></o:p></span></p>
<p class="MsoNormal" style="margin-bottom:15.0pt"><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#1F497D;mso-fareast-language:EN-AU"><img width="167" height="59" id="Picture_x0020_1" src="cid:image001.gif@01D18BFE.76456B30" alt="Description: Description: C:\Users\jayt\Desktop\tonyjay_sig_files\virginaustralia.gif"></span><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#1F497D;mso-fareast-language:EN-AU"><o:p></o:p></span></p>
</td>
</tr>
<tr>
<td width="100%" style="width:100.0%;background:white;padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal" style="margin-left:26.25pt;line-height:11.25pt"><b><span style="font-size:7.5pt;font-family:"Arial","sans-serif";color:#D6083B;mso-fareast-language:EN-AU">Anthony Fryer</span></b><span style="font-size:7.5pt;font-family:"Arial","sans-serif";color:#828A8F;mso-fareast-language:EN-AU">
| Solution Architect & Designer</span><span style="font-size:9.0pt;font-family:"Arial","sans-serif";color:#828A8F;mso-fareast-language:EN-AU"><o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:26.25pt;line-height:11.25pt"><span style="font-size:7.5pt;font-family:"Arial","sans-serif";color:#828A8F;mso-fareast-language:EN-AU">Mb: 0438 781 745</span><span style="font-size:9.0pt;font-family:"Arial","sans-serif";color:#828A8F;mso-fareast-language:EN-AU"><o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:26.25pt;line-height:11.25pt"><span style="font-size:7.5pt;font-family:"Arial","sans-serif";color:#828A8F;mso-fareast-language:EN-AU">Email:
<a href="mailto:anthony.fryer@virginaustralia.com"><span style="color:blue">anthony.fryer@virginaustralia.com</span></a></span><span style="font-size:9.0pt;font-family:"Arial","sans-serif";color:#828A8F;mso-fareast-language:EN-AU"><o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:7.5pt;margin-right:0cm;margin-bottom:0cm;margin-left:26.25pt;margin-bottom:.0001pt;line-height:9.0pt">
<span style="font-size:7.5pt;font-family:"Arial","sans-serif";color:#828A8F;mso-fareast-language:EN-AU">Virgin Australia group of airlines including Virgin Australia,<br>
V Australia, Pacific Blue and Polynesian Blue</span><span style="font-size:7.5pt;font-family:"Arial","sans-serif";color:#828A8F;mso-fareast-language:EN-AU"><o:p></o:p></span></p>
</td>
</tr>
<tr>
<td style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal" style="margin-left:26.25pt;line-height:11.25pt"><span style="font-size:7.5pt;font-family:"Arial","sans-serif";color:#999999;mso-fareast-language:EN-AU">Please consider the environment before printing this email.</span><span style="font-size:7.5pt;font-family:"Arial","sans-serif";color:#999999;mso-fareast-language:EN-AU"><o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><span style="mso-fareast-language:EN-AU"><o:p> </o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
The content of this e-mail, including any attachments, is a confidential communication between Virgin Australia Airlines Pty Ltd (Virgin Australia) or its related entities (or the sender if this email is a private communication) and the intended addressee and
is for the sole use of that intended addressee. If you are not the intended addressee, any use, interference with, disclosure or copying of this material is unauthorized and prohibited. If you have received this e-mail in error please contact the sender immediately
and then delete the message and any attachment(s). There is no warranty that this email is error, virus or defect free. This email is also subject to copyright. No part of it should be reproduced, adapted or communicated without the written consent of the
copyright owner. If this is a private communication it does not represent the views of Virgin Australia or its related entities. Please be aware that the contents of any emails sent to or from Virgin Australia or its related entities may be periodically monitored
and reviewed. Virgin Australia and its related entities respect your privacy. Our privacy policy can be accessed from our website: www.virginaustralia.com
</body>
</html>