Once you've authenticated with Keycloak the application can setup its own HTTP session that contains the token details. Keycloak uses its own session cookie to maintain the SSO session. Keycloak won't authenticate with a application cookie though.

On 13 December 2015 at 20:30, sabir <sss2174@columbia.edu> wrote:

Hello,

I am working on integration keycloak authentication and setting up authorization on endpoints in Dropwizard application.

I've looked into existing project here: https://github.com/ahus1/keycloak-dropwizard-integration/
Also, I looked into https://github.com/keycloak/keycloak/blob/c9e0a7a97dd98b31836195df167684a42dae4d3c/services/src/main/java/org/keycloak/authentication/authenticators/browser/CookieAuthenticator.java

I am able to authenticate by username/password or passing keycloak token. It is crucial for us to authenticate existing session without credentials or keycloak token.

Does keycloak expose endpoints to authenticate via Cookie like:

KEYCLOAK_SESSION, KEYCLOAK_IDENTITY and/or KEYCLOAK_STATE_CHECKER

I'm not sure if this is the correct place for questions like these. Please direct me otherwise.

Thanks,

_______________________________________________
keycloak-dev mailing list
keycloak-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev