<div dir="ltr">Hi Bruno,<div><br></div><div>3rd party APIs are treated as black boxes, so we cannot mess up with their code by adding keycloak.json and editing config files (also there is no guarantee they are deployed as WAR). That's why my first guess is some kind of a proxy.</div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div style="font-family:arial;font-size:small"><div dir="ltr"><font color="#888888">Regards,<br>Pavel Maslov, MS</font></div></div></div></div></div></div></div>
<br><div class="gmail_quote">On Tue, May 17, 2016 at 4:38 PM, Bruno Oliveira <span dir="ltr"><<a href="mailto:bruno@abstractj.org" target="_blank">bruno@abstractj.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Pavel, isn't something like this <a href="http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#d4e1006" rel="noreferrer" target="_blank">http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#d4e1006</a><br>
enough?<br>
<div><div class="h5"><br>
On 2016-05-17, Pavel Maslov wrote:<br>
> Hi all,<br>
><br>
><br>
> Suppose we have a 3rd party REST API, which is not secured. How could we<br>
> integrate OAuth2.0 authentication using Keycloak? My first guess is to<br>
> create a mediation service (written in Java), which will use the Keycloak<br>
> Java adapter and will authenticate users based off the security_token<br>
> (passed to the mediation service with each request), and forward all<br>
> requests (including headers) to the 3rd party REST API (unsecured).<br>
><br>
> Does it make any sense? If so, has anyone written something similar?<br>
><br>
> Thanks.<br>
><br>
> Regards,<br>
> Pavel Maslov, MS<br>
<br>
</div></div>> _______________________________________________<br>
> keycloak-user mailing list<br>
> <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
<br>
<br>
--<br>
<br>
abstractj<br>
PGP: 0x84DC9914<br>
</blockquote></div><br></div>