Re: [keycloak-dev] why authenticate clients?

On 3/3/2014 4:33 AM, Stian Thorgersen wrote: Not proposing anything. Our pure-javascript/html5 adapter is a public client. I'm just saying that in that case, its just as secure as a confidential client is you use SSL. It also helps in cases where its difficult to distribute/store client secrets, i.e. in the multi-tenant case that Travis (a keycloak user) has been talking about on the user list. -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com