----- Original Message -----
From: "Stian Thorgersen" <stian(a)redhat.com>
To: "Pedro Igor Silva" <psilva(a)redhat.com>
Cc: "keycloak dev" <keycloak-dev(a)lists.jboss.org>
Sent: Friday, January 23, 2015 11:32:47 AM
Subject: Re: [keycloak-dev] Shortening URLs
----- Original Message -----
> From: "Pedro Igor Silva" <psilva(a)redhat.com>
> To: "Stian Thorgersen" <stian(a)redhat.com>
> Cc: "keycloak dev" <keycloak-dev(a)lists.jboss.org>
> Sent: Friday, January 23, 2015 2:27:19 PM
> Subject: Re: [keycloak-dev] Shortening URLs
>
> However, I think we may need to keep /auth. It may be useful to reference
> the
> whole server regardless a specific realm.
/auth isn't needed if Keycloak is running as a separate server and has it's
own domain for example
https://auth.acme.org
Yep, if not you may also want to reference a path. But I think that usually you will
prefer a separated server for KC, right ?
Also, how the URLs looks like when you are embedding KC into another project ?
>
> ----- Original Message -----
> From: "Pedro Igor Silva" <psilva(a)redhat.com>
> To: "Stian Thorgersen" <stian(a)redhat.com>
> Cc: "keycloak dev" <keycloak-dev(a)lists.jboss.org>
> Sent: Friday, January 23, 2015 11:25:34 AM
> Subject: Re: [keycloak-dev] Shortening URLs
>
> +1. And for OIDC endpoints, we still need to review them some time.
>
> ----- Original Message -----
> From: "Stian Thorgersen" <stian(a)redhat.com>
> To: "keycloak dev" <keycloak-dev(a)lists.jboss.org>
> Sent: Friday, January 23, 2015 9:23:54 AM
> Subject: [keycloak-dev] Shortening URLs
>
> Our URLs are quite long, examples:
>
> *
http://localhost:8080/auth/realms/master/protocols/openid-connect/login
> *
http://localhost:8080/auth/realms/master/account
>
> We could remove the 'realms' part and 'protocols' parts couldn't
we?
>
> *
http://localhost:8080/auth/master/oidc/login
> *
http://localhost:8080/auth/master/account
>
> That would require moving everything under a realm and I guess we'd need to
> hard-wire the protocols, but I think that should be fine.
>
> We also need to make sure we can just the root context:
>
> *
http://localhost:8080/master/oidc/login
> *
http://localhost:8080/master/account
>
> We can also introduce other mechanisms to select the realm. For example a
> server with single realm can just omit it altogether:
>
> *
http://localhost:8080/oidc/login
> *
http://localhost:8080/account
>
> And we could allow setting what domains uses what realms:
>
> *
http://keycloak-master/oidc/login
> *
http://keycloak-other/oidc/login
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>