7:51 p.m.
Thanks Marek
I saw here
<https://github.com/keycloak/keycloak/blob/master/examples/demo-template/a...
app
gains the accessToken, but did not see where this `/auth` api is
implemented. I want to learn how to I do the same thing of exposing `/auth`
api to generate tokens
I did not see anything in pom.xml
<https://github.com/keycloak/keycloak/blob/master/examples/demo-template/a...
either. seems like magic to me at the moment. Any guidance here?
Thanks
On Tue, Jul 29, 2014 at 12:25 AM, Marek Posolda <mposolda(a)redhat.com> wrote:
Hi,
the best is to start with documentation
http://docs.jboss.org/keycloak/docs/1.0-beta-3/userguide/html/index.html
and also look at existing examples
https://github.com/keycloak/keycloak/tree/master/examples . Probably most
useful for you might be
https://github.com/keycloak/keycloak/tree/master/examples/demo-template .
It has restful application "database-service", where you can send secured
REST requests with the bearer token attached to them. Other applications in
the directory are web applications, which obtain bearer token from the
Keycloak login . Product-portal and customer-portal are JEE applications
secured by Keycloak itself, third-party and third-party-cdi is more
traditional OAuth where token is used just to retrieve the secured data
from "database-service" . See the README for more info.
Example for CORS support is here:
https://github.com/keycloak/keycloak/tree/master/examples/cors
Marek
On 25.7.2014 23:04, Harit Himanshu wrote:
Hey Team,
I am been looking for answer to
http://stackoverflow.com/questions/24769691/what-are-some-ways-to-secure-... and
found that keycloak is suitable for securing REST APIs using OAuth 2.0.
I am looking for example where the following is demonstrated
a.) Third-party app registers and gets Access Token
b.) Third-Party app accesses Resource Server to access protected resource
by sending Access Token to REST API
c.) and How Token is validated.
It is mentioned in features of keycloak as
- OAuth Bearer token auth for REST Services
- OAuth 2.0 Grant requests
- CORS Support
Can you please guide me through examples?
Thank you
On Fri, Jul 25, 2014 at 2:00 PM, Harit Himanshu <
harit.subscriptions(a)gmail.com> wrote:
> Hey Team,
>
> I am been looking for answer to
> http://stackoverflow.com/questions/24769691/what-are-some-ways-to-secure-...
> and found that keycloak is suitable for securing REST APIs using OAuth 2.0.
>
> I am looking for example where the following is demonstrated
> a.) Third-party app registers and gets Access Token
> b.) Third-Party app accesses Resource Server to access protected resource
> by sending Access Token to REST API
> c.) and How Token is validated.
>
>
> It is mentioned in features of keycloak as
>
> - OAuth Bearer token auth for REST Services
> - OAuth 2.0 Grant requests
> - CORS Support
>
> Can you please guide me through examples?
>
> Thank you
> + Harit Himanshu
>
_______________________________________________
keycloak-dev mailing
listkeycloak-dev@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-dev