Re: [keycloak-user] REST API security
To clarify, I've been looking at the various clients in the examples and
know that I can simply add an authorization header with a bearer token to
the REST requests. However, as far as I understand the examples and the
code, all the login flows are based on login forms and redirects. While
this is convenient for web applications, I'm missing a simple way for a
"headless" client to obtain a token in return for application credentials
or an API key. Are you planning to support this kind of use case?
Cheers,
Nils
On Sat, Apr 12, 2014 at 7:09 PM, Nils Preusker <n.preusker(a)gmail.com> wrote:
Hi all,
I'm trying to figure out how I could use keycloak to secure a REST API
that is used bu a pure backend REST client. Do you have any recommendations
for that (i.e. API keys)?
Cheers,
Nils
Attachments:
- attachment.html (text/html — 1.2 KB)