<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Not sure exactly about all the details
of your setup etc. However from the first look, if you use
"response_type=id_token" , then Keycloak will return you just
idToken, but not accessToken at all. <br>
<br>
If you want both idToken and accessToken, you need to use value
"id_token token". <br>
<br>
So encoded parameter will be something like
"response_type=id_token%20token"<br>
<br>
Marek<br>
<br>
On 01/08/16 11:41, <a class="moz-txt-link-abbreviated" href="mailto:Mohan.Radhakrishnan@cognizant.com">Mohan.Radhakrishnan@cognizant.com</a> wrote:<br>
</div>
<blockquote
cite="mid:E1B160F4999FD6449524E16C2CB94E030798B217@CTSINCHNSXMBE.cts.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal">Hi,<o:p></o:p></p>
<p class="MsoNormal"> My ID token flow and OIDC
filter are working. But I am still doubtful about my
implementation. When I used another IDP(IdentifyServer3) the
redirect URL issued from<o:p></o:p></p>
<p class="MsoNormal">AngularJS gave me the access token with the
ID token embedded in it directly.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">But now I am using this code.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="text-autospace:none"><span
style="font-size:10.0pt;font-family:Consolas;color:black">
AccessToken
</span><span
style="font-size:10.0pt;font-family:Consolas;color:#6A3E3E">accessToken</span><span
style="font-size:10.0pt;font-family:Consolas;color:black"> =
</span><span
style="font-size:10.0pt;font-family:Consolas;color:#6A3E3E">keycloakPrincipal</span><span
style="font-size:10.0pt;font-family:Consolas;color:black">.getKeycloakSecurityContext().getToken();<o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span
style="font-size:10.0pt;font-family:Consolas;color:black"><o:p> </o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span
style="font-size:10.0pt;font-family:Consolas;color:black">URL
is this.<o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><u><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif;color:blue"><a moz-do-not-send="true"
href="http://localhost:8080/auth/realms/Test/protocol/openid-connect/auth?response_type=id_token&redirect_uri=http://localhost:8000/keycloak/claim/&realm=Test&client_id=Test&scope=user">http://localhost:8080/auth/realms/Test/protocol/openid-connect/auth?response_type=id_token&redirect_uri=http://localhost:8000/keycloak/claim/&realm=Test&client_id=Test&scope=user</a></span></u><span
style="font-size:10.0pt;font-family:Consolas"><o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">And
<a class="moz-txt-link-freetext" href="https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/javascript-adapter.html">https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/javascript-adapter.html</a>
mentions that keycloak.json is required to get the access
token in AngularJS.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Am I missing something ? Why is there a
difference ?<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks,<o:p></o:p></p>
<p class="MsoNormal">Mohan<o:p></o:p></p>
</div>
This e-mail and any files transmitted with it are for the sole use
of the intended recipient(s) and may contain confidential and
privileged information. If you are not the intended recipient(s),
please reply to the sender and destroy all copies of the original
message. Any unauthorized review, use, disclosure, dissemination,
forwarding, printing or copying of this email, and/or any action
taken in reliance on the contents of this e-mail is strictly
prohibited and may be unlawful. Where permitted by applicable law,
this e-mail and other e-mail communications sent to and from
Cognizant e-mail addresses may be monitored.
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</body>
</html>