Yeah, it was there since day 0 if you look at the git history.
On 1/4/2017 12:23:42 PM, Stian Thorgersen <sthorger(a)redhat.com> wrote:
On 4 January 2017 at 14:56, Pedro Igor <psilva(a)redhat.com> wrote:
> +1. Besides, there is a very clear if statement on the token endpoint
> that blocks any attempt from bearer-only clients to obtain tokens.
>
FYI, that if statement was added before we did service accounts / client
credential grants.
> On 1/4/2017 3:47:48 AM, Stian Thorgersen <sthorger(a)redhat.com> wrote:
> Currently a bearer-only client can't have a service account and that
> seems like a mistake. Further, this prevents bearer-only clients from
> using the authorization services.
>
> Are there any good reasons why bearer-only clients can't have service
> accounts and be able to obtain a token using the client credential grant?
>
> The only thing a bearer-only client should be prevented from doing IMO is
> authenticating users (authorization code flow and resource owner credential
> grant).