Hi Stian,
The alternative is to have a backend for your front-end that deals with obtaining tokens. The front-end uses an httpOnly cookie to be authenticated against the backend, but never has access to the token directly. This has the limitation that the front-end and backend have to be hosted on the same domain, and if you need to call external services they need to be proxied through the backend. It is harder to do though.
Would it make sense to use Gatekeeper for this? The backend could require bearer tokens as usual, but Gatekeeper could be in charge of using the authorisation code flow to log the user in and proxying the front-end's requests to the backend, mapping the cookies to the corresponding bearer tokens. It's probably more limiting than your solution for handling external services, but it could be a quick way of setting up this type of token handling?
Kind regards,
Seán.