Re: [keycloak-dev] Direct grant always on
Maybe we can have it "true" by default, as it will likely save a lot of
pain to many people. However I would not remove it as at least OAuth2
specs doesn't like it very well (Especially see 10.7
https://tools.ietf.org/html/rfc6749#page-57 ).
Maybe better alternative is to have the possibility to enable it for
master realm with something like the keycloak-bootstrap.json file, which
was planned to be added at some point (or maybe even have the option in
keycloak-server.json) ?
Marek
On 2.6.2015 15:04, Stian Thorgersen wrote:
I propose we remove the option to enable/disable direct grant and
always have it on. Alternatively we need an option to enable it without using the admin
console.
This is for users that want to use a CLI, or needs to do some automatic configuration
when provisioning a KC.
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev