Thanks Pedro,
Is it okay to use *Access Token* generated through *KeycloakInstalled* for
the purpose of performing authorization through policy enforcer on my
client app?
On Tue, Sep 11, 2018 at 5:00 PM Pedro Igor Silva <psilva(a)redhat.com> wrote:
On Tue, Sep 11, 2018 at 6:58 AM, keycloak demo <testoauth55(a)gmail.com>
wrote:
> I am using keycloak installed through which I can obtain access token,
> like this:
>
> *keycloak.loginDesktop();*
> *AccessToken token = keycloak.getToken();*
>
> But how can I obtain RPT (Requesting Party Token) in case of
> keycloakinstalled?
>
> I have followed the doc:
>
> https://www.keycloak.org/docs/4.3/authorization_services/#obtaining-user-...
> which gives a way to request RPT by using AuthzClient. But how can it be
> done if I am using keycloakinstalled?
>
> Also by decoding the RPT and accessToken I can see that RPT has
> authorization & permissions info which Access Token does not have:
>
> "authorization": { "permissions": [.....
>
>
> In summary, I have 2 questions:
>
> 1. Which one (Access token or RPT) should be used if I want to use
> authorization in my client application? What is the exact difference in
> terms of usage between the two?
>
The main difference between the two is that RPT gives you additional
claims representing permissions with a specific audience set to the target
resource server. RPTs are also obtained using a different grant type.
>
> 2. How can the RPT be obtained in case of Keycloak installed?
>
I have never tested this before, could you please file a JIRA with more
details about what you are trying to achieve with keycloak installed? Need
to check if we could implement something for better support of RPTs.
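The difference described in the reply above (an RPT carries permission claims and an audience set to the target resource server), shown as an added example that is not part of the original thread or of Keycloak's code: a resource-server-side check that denies a plain access token and permits only an RPT listing the requested resource and scope. The `rsname` and `scopes` field names inside each permission entry, the `photoz-api` audience and the sample tokens are assumptions constructed for illustration; only `authorization.permissions` appears in the thread.

```python
import base64
import json

def jwt_claims(token):
    """Decode a compact JWT's payload for inspection (no signature check here)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def rpt_permissions(claims):
    """Return the permissions list if the claims are from an RPT, else None."""
    authz = claims.get("authorization")
    if isinstance(authz, dict) and isinstance(authz.get("permissions"), list):
        return authz["permissions"]
    return None

def is_permitted(claims, resource_server, resource, scope):
    """True only for an RPT whose audience is resource_server and which
    lists `scope` on `resource`. Call after the signature has been verified."""
    aud = claims.get("aud", [])
    aud = [aud] if isinstance(aud, str) else aud  # aud may be a string or a list
    perms = rpt_permissions(claims)
    if perms is None or resource_server not in aud:
        return False
    for perm in perms:
        # Assumed entry fields: resource name under "rsname", scope names under "scopes".
        if perm.get("rsname") == resource and scope in perm.get("scopes", []):
            return True
    return False

def make_token(claims):
    """Build an unsigned sample token (constructed for this example only)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return enc({"alg": "none"}) + "." + enc(claims) + ".sig"

# Constructed sample tokens: names and values are illustrative.
ACCESS_TOKEN = make_token({"sub": "alice", "aud": "account"})
RPT = make_token({
    "sub": "alice",
    "aud": "photoz-api",
    "authorization": {"permissions": [{"rsname": "Album", "scopes": ["album:view"]}]},
})

if __name__ == "__main__":
    for label, tok in (("access token", ACCESS_TOKEN), ("RPT", RPT)):
        ok = is_permitted(jwt_claims(tok), "photoz-api", "Album", "album:view")
        print(label, "->", "permit" if ok else "deny")
```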