However, I think we may need to keep /auth. It may be useful to
reference the whole server regardless a specific realm.
auth can just be the root
context. You can do that with Keycloak
today. But we could make it easier to configure it.
----- Original Message -----
From: "Pedro Igor Silva" <psilva(a)redhat.com>
To: "Stian Thorgersen" <stian(a)redhat.com>
Cc: "keycloak dev" <keycloak-dev(a)lists.jboss.org>
Sent: Friday, January 23, 2015 11:25:34 AM
Subject: Re: [keycloak-dev] Shortening URLs
+1. And for OIDC endpoints, we still need to review them some time.
----- Original Message -----
From: "Stian Thorgersen" <stian(a)redhat.com>
To: "keycloak dev" <keycloak-dev(a)lists.jboss.org>
Sent: Friday, January 23, 2015 9:23:54 AM
Subject: [keycloak-dev] Shortening URLs
Our URLs are quite long, examples:
*
http://localhost:8080/auth/realms/master/protocols/openid-connect/login
*
http://localhost:8080/auth/realms/master/account
We could remove the 'realms' part and 'protocols' parts couldn't we?
*
http://localhost:8080/auth/master/oidc/login
*
http://localhost:8080/auth/master/account
That would require moving everything under a realm and I guess we'd need to hard-wire
the protocols, but I think that should be fine.
We also need to make sure we can just the root context:
*
http://localhost:8080/master/oidc/login
*
http://localhost:8080/master/account
We can also introduce other mechanisms to select the realm. For example a server with
single realm can just omit it altogether:
*
http://localhost:8080/oidc/login
*
http://localhost:8080/account
And we could allow setting what domains uses what realms:
*
http://keycloak-master/oidc/login
*
http://keycloak-other/oidc/login
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev