Re: [keycloak-dev] /tokens/access/codes now uses Basic Auth

Friday, 21 February 2014

On 2/21/2014 3:18 AM, Marek Posolda wrote:
...
 On 20.2.2014 23:26, Bill Burke wrote:
> Since we're using client secret now to authenticate clients, I changed
> the protocol to use Basic Auth as per the OAuth and OpenId Connect
> specs.  I updated the javascript adapter to use basic auth (I think),
> but I don't have an app to test against.
>
>
> P.S.
>
> I hear Marek laughing and/or cursing at me in the background...
 You say that:-)
 For JS apps, we may also need to test cors, which I mentioned in
 https://issues.jboss.org/browse/KEYCLOAK-328

 Isn't the app here
 https://github.com/keycloak/keycloak/tree/master/examples/demo-template/c...
 ?

BTW, looking at OpenID connect there are multiple options you can 
configure for client authentication, Basic Auth is only one of them.

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Re: [keycloak-dev] /tokens/access/codes now uses Basic Auth