Re: [keycloak-dev] The best place to get the Request Party Token

Please, I am trying use policy enforcer on my project but I am not having successful. My app are loging correctly by the two codes: code 1) var initOptions = { onLoad: 'check-sso', responseMode: 'query', flow: 'standard' }; keycloak.init(initOptions).success(function (authenticated) { ... ... ... } ... and by an angular interceptor: code 2) factory('authInterceptor', ['$q', 'keycloak', function ($q, keycloak) { return { request: function (config) { var deferred = $q.defer(); keycloak.updateToken(30).success(function () { config.headers = config.headers || {}; config.headers.Authorization = 'Bearer ' + keycloak.token; deferred.resolve(config); }).error(function () { deferred.reject('Failed to refresh token'); }); return deferred.promise; } }; }]) But, if I enable policy enforcer my service calls are unauthorazed. It seems to me the best option to use the policy enforcer, in the exact moment that I receive the access token I must change this by an rpt token and from this point forward all my protected service calls will have access to my rpt token. I have no difficulty using the keycloak-authz.js library to get the rpt token. However, to get this process up and running, I must send a protected resource call and intercept the "WWW-Authenticate" header. I do not see how I can get the rpt token with the codes listed above and If I try to force the rtp token as an authorization header my interceptor it runs and changes the header for my access to the token again. There is a way to get the rpt token where I am trying or do I have any misconceptions it can not be done in this place? I will be very grateful if anyone can help me. Kind regards, Maurício Penteado. _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev