Re: [Apiman-user] Disable SSL/TLS for Oauth
On 12 May 2016 at 22:30, Charles Moulliard <cmoullia(a)redhat.com> wrote:
Can we disable SSL/TLS when we use Keycloak Oauth plugin to avoid
this
message ""OAuth2 token was transmitted without required transport security
(TLS, SSL)." ?
Yes, you should be able to untick "require transport security" or edit
your policy's JSON config (see:
http://www.apiman.io/latest/user-guide.html#_oauth_policy_keycloak).
It's generally not a good idea to use OAuth2 without transport
security, however.