Re: [keycloak-dev] Remove realm json at "/auth/realms/<realm name>"
Why split it into multiple subsystems? Are you only talking about the
ability to enable/disable? If so that can easily be added through the
profile feature like we do for authorization services. That's probably 2
min work.
The ability to expose admin endpoints on a different address/port would be
great.
On 15 August 2017 at 19:18, Bill Burke <bburke(a)redhat.com> wrote:
The idea of that URL is to expose public information about the
realm,
i.e. public cert/key and public endpoint urls. If this information is
not being used and we have other mechanisms in place, then yeah, remove it.
IMO, the jira you reference is unrelated. Its about shutting down the
admin console/API. As far as that goes, it would be cool to split up
keycloak into separate subsystems:
* backend (required)
* admin api/console
* account service
* authentication/brokering/token endpoints
Even have the admin api/console be exposed from a different bind
address/port.
On 8/15/17 8:00 AM, Stian Thorgersen wrote:
> I propose we remove the realm json returned at "/auth/realms/<realm
name>"
> and just return an empty page
>
> * It can end-up being visible to end-users - we should rather have a
realm
> welcome page / SSO landing page here
> * It's not used by anything AFAIK
> * From time to time people complain about it (
> https://issues.jboss.org/browse/KEYCLOAK-5279 for instance, there's more
> similar issues reported)
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev