4:27 a.m.
Greetings everyone,
I am testing the possibility to login via curl to the account client in my test realm and
then use the tokens to access another client. I have tried this:
curl -X POST \
-H "Content-Type: application/x-www-form-urlencoded" \
-H "cache-control: no-cache" \
-d
"grant_type=password&scope=openid&client_id=account&username=test1&password=1234t1"
\
"http://keycloak:8080/auth/realms/test /protocol/openid-connect/token" \
-v
But it gives me:
* upload completely sent off: 81 out of 81 bytes
< HTTP/1.1 400 Bad Request
< Connection: keep-alive
< Content-Type: application/json
< Content-Length: 91
What am I doing wrong and apologies if this question has been asked before.
Keycloak version is 4.1.0.Final
Ronald
10:26 a.m.
Try
curl -d "client_id=account" -d "username=test1" -d
"password=1234t1" -d
"grant_type=password" "
http://localhost:8070/auth/realms/test/protocol/openid-connect/token
On Thu, Aug 30, 2018 at 4:34 AM Ronald Demneri <ronald.demneri(a)amdtia.com>
wrote:
Greetings everyone,
I am testing the possibility to login via curl to the account client in my
test realm and then use the tokens to access another client. I have tried
this:
curl -X POST \
-H "Content-Type: application/x-www-form-urlencoded" \
-H "cache-control: no-cache" \
-d
"grant_type=password&scope=openid&client_id=account&username=test1&password=1234t1"
\
"http://keycloak:8080/auth/realms/test /protocol/openid-connect/token" \
-v
But it gives me:
* upload completely sent off: 81 out of 81 bytes
< HTTP/1.1 400 Bad Request
< Connection: keep-alive
< Content-Type: application/json
< Content-Length: 91
What am I doing wrong and apologies if this question has been asked before.
Keycloak version is 4.1.0.Final
Ronald
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
10:35 a.m.
Yeah, tried that as well, same result. Any other ideas?
Thanks in advance,
Ronald
Sent from my HTC
----- Reply message -----
From: "KevinO" <oneal.kevin(a)gmail.com>
To: "Ronald Demneri" <ronald.demneri(a)amdtia.com>
Cc: "keycloak-user(a)lists.jboss.org" <keycloak-user(a)lists.jboss.org>
Subject: [keycloak-user] login via curl
Date: Thu, Aug 30, 2018 17:26
Try
curl -d "client_id=account" -d "username=test1" -d
"password=1234t1" -d "grant_type=password"
"http://localhost:8070/auth/realms/test/protocol/openid-connect/token
On Thu, Aug 30, 2018 at 4:34 AM Ronald Demneri
<ronald.demneri@amdtia.com<mailto:ronald.demneri@amdtia.com>> wrote:
Greetings everyone,
I am testing the possibility to login via curl to the account client in my test realm and
then use the tokens to access another client. I have tried this:
curl -X POST \
-H "Content-Type: application/x-www-form-urlencoded" \
-H "cache-control: no-cache" \
-d
"grant_type=password&scope=openid&client_id=account&username=test1&password=1234t1"
\
"http://keycloak:8080/auth/realms/test /protocol/openid-connect/token" \
-v
But it gives me:
* upload completely sent off: 81 out of 81 bytes
< HTTP/1.1 400 Bad Request
< Connection: keep-alive
< Content-Type: application/json
< Content-Length: 91
What am I doing wrong and apologies if this question has been asked before.
Keycloak version is 4.1.0.Final
Ronald
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
10:51 a.m.
Whenever I run
curl -v -d "client_id=amin-cli" -d "username=admin" -d
"password=keycloak"
-d "grant_type=password" "
http://localhost:8070/auth/realms/External/protocol/openid-connect/token&...
if something is incorrect, I get a message like
{"error":"invalid_grant","error_description":"Invalid
user credentials"}
Are you getting any json reponse?
What does the log say?
On Thu, Aug 30, 2018 at 10:35 AM Ronald Demneri <ronald.demneri(a)amdtia.com>
wrote:
Yeah, tried that as well, same result. Any other ideas?
Thanks in advance,
Ronald
Sent from my HTC
----- Reply message -----
From: "KevinO" <oneal.kevin(a)gmail.com>
To: "Ronald Demneri" <ronald.demneri(a)amdtia.com>
Cc: "keycloak-user(a)lists.jboss.org" <keycloak-user(a)lists.jboss.org>
Subject: [keycloak-user] login via curl
Date: Thu, Aug 30, 2018 17:26
Try
curl -d "client_id=account" -d "username=test1" -d
"password=1234t1" -d
"grant_type=password" "
http://localhost:8070/auth/realms/test/protocol/openid-connect/token
On Thu, Aug 30, 2018 at 4:34 AM Ronald Demneri <ronald.demneri(a)amdtia.com>
wrote:
> Greetings everyone,
>
> I am testing the possibility to login via curl to the account client in
> my test realm and then use the tokens to access another client. I have
> tried this:
> curl -X POST \
> -H "Content-Type: application/x-www-form-urlencoded" \
> -H "cache-control: no-cache" \
> -d
>
"grant_type=password&scope=openid&client_id=account&username=test1&password=1234t1"
> \
> "http://keycloak:8080/auth/realms/test /protocol/openid-connect/token" \
> -v
>
> But it gives me:
> * upload completely sent off: 81 out of 81 bytes
> < HTTP/1.1 400 Bad Request
> < Connection: keep-alive
> < Content-Type: application/json
> < Content-Length: 91
>
> What am I doing wrong and apologies if this question has been asked
> before.
>
> Keycloak version is 4.1.0.Final
>
> Ronald
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
4 a.m.
Hello,
Yes I receive an error, I had not configured the account client to use Direct Access
Grants, once I changed that I was able to receive the access and refresh tokens.
Let me explain a bit what I am trying to achieve:
I have a Jenkins instance where I have installed and configured the OIDC plugin. Basically
login works as it should, but the global log out does not. In chrome I can see that the
logout URL that Jenkins sends is this one:
http://keycloak:8080/auth/realms/test/protocol/openid-connect/logout?redi...
Sure enough, it displays an “Invalid redirect uri” in Keycloak. So I was trying to mimic
the situation with curl and to see whether the issue still remains and I have to check the
configurations in Keycloak, or if the Jenkins plugin does not send Keycloak the uri as
Keycloak expects it.
Makes sense?
Regards,
Ronald
From: KevinO <oneal.kevin(a)gmail.com>
Sent: Thursday, August 30, 2018 5:51 PM
To: Ronald Demneri <ronald.demneri(a)amdtia.com>
Cc: keycloak-user(a)lists.jboss.org
Subject: Re: [keycloak-user] login via curl
Whenever I run
curl -v -d "client_id=amin-cli" -d "username=admin" -d
"password=keycloak" -d "grant_type=password"
"http://localhost:8070/auth/realms/External/protocol/openid-connect/token"
if something is incorrect, I get a message like
{"error":"invalid_grant","error_description":"Invalid
user credentials"}
Are you getting any json reponse?
What does the log say?
On Thu, Aug 30, 2018 at 10:35 AM Ronald Demneri
<ronald.demneri@amdtia.com<mailto:ronald.demneri@amdtia.com>> wrote:
Yeah, tried that as well, same result. Any other ideas?
Thanks in advance,
Ronald
Sent from my HTC
----- Reply message -----
From: "KevinO"
<oneal.kevin@gmail.com<mailto:oneal.kevin@gmail.com>>
To: "Ronald Demneri"
<ronald.demneri@amdtia.com<mailto:ronald.demneri@amdtia.com>>
Cc: "keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>"
<keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>>
Subject: [keycloak-user] login via curl
Date: Thu, Aug 30, 2018 17:26
Try
curl -d "client_id=account" -d "username=test1" -d
"password=1234t1" -d "grant_type=password"
"http://localhost:8070/auth/realms/test/protocol/openid-connect/token
On Thu, Aug 30, 2018 at 4:34 AM Ronald Demneri
<ronald.demneri@amdtia.com<mailto:ronald.demneri@amdtia.com>> wrote:
Greetings everyone,
I am testing the possibility to login via curl to the account client in my test realm and
then use the tokens to access another client. I have tried this:
curl -X POST \
-H "Content-Type: application/x-www-form-urlencoded" \
-H "cache-control: no-cache" \
-d
"grant_type=password&scope=openid&client_id=account&username=test1&password=1234t1"
\
"http://keycloak:8080/auth/realms/test /protocol/openid-connect/token" \
-v
But it gives me:
* upload completely sent off: 81 out of 81 bytes
< HTTP/1.1 400 Bad Request
< Connection: keep-alive
< Content-Type: application/json
< Content-Length: 91
What am I doing wrong and apologies if this question has been asked before.
Keycloak version is 4.1.0.Final
Ronald
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
10:35 a.m.
Yeah, makes sense. Glad you got the curl working!
On Fri, Aug 31, 2018 at 4:01 AM Ronald Demneri <ronald.demneri(a)amdtia.com>
wrote:
Hello,
Yes I receive an error, I had not configured the account client to use
Direct Access Grants, once I changed that I was able to receive the access
and refresh tokens.
Let me explain a bit what I am trying to achieve:
I have a Jenkins instance where I have installed and configured the OIDC
plugin. Basically login works as it should, but the global log out does
not. In chrome I can see that the logout URL that Jenkins sends is this one:
http://keycloak:8080/auth/realms/test/protocol/openid-connect/logout?redi...
Sure enough, it displays an “Invalid redirect uri” in Keycloak. So I was
trying to mimic the situation with curl and to see whether the issue still
remains and I have to check the configurations in Keycloak, or if the
Jenkins plugin does not send Keycloak the uri as Keycloak expects it.
Makes sense?
Regards,
Ronald
*From:* KevinO <oneal.kevin(a)gmail.com>
*Sent:* Thursday, August 30, 2018 5:51 PM
*To:* Ronald Demneri <ronald.demneri(a)amdtia.com>
*Cc:* keycloak-user(a)lists.jboss.org
*Subject:* Re: [keycloak-user] login via curl
Whenever I run
curl -v -d "client_id=amin-cli" -d "username=admin" -d
"password=keycloak"
-d "grant_type=password" "
http://localhost:8070/auth/realms/External/protocol/openid-connect/token&...
if something is incorrect, I get a message like
{"error":"invalid_grant","error_description":"Invalid
user credentials"}
Are you getting any json reponse?
What does the log say?
On Thu, Aug 30, 2018 at 10:35 AM Ronald Demneri <ronald.demneri(a)amdtia.com>
wrote:
Yeah, tried that as well, same result. Any other ideas?
Thanks in advance,
Ronald
Sent from my HTC
----- Reply message -----
From: "KevinO" <oneal.kevin(a)gmail.com>
To: "Ronald Demneri" <ronald.demneri(a)amdtia.com>
Cc: "keycloak-user(a)lists.jboss.org" <keycloak-user(a)lists.jboss.org>
Subject: [keycloak-user] login via curl
Date: Thu, Aug 30, 2018 17:26
Try
curl -d "client_id=account" -d "username=test1" -d
"password=1234t1" -d
"grant_type=password" "
http://localhost:8070/auth/realms/test/protocol/openid-connect/token
On Thu, Aug 30, 2018 at 4:34 AM Ronald Demneri <ronald.demneri(a)amdtia.com>
wrote:
Greetings everyone,
I am testing the possibility to login via curl to the account client in my
test realm and then use the tokens to access another client. I have tried
this:
curl -X POST \
-H "Content-Type: application/x-www-form-urlencoded" \
-H "cache-control: no-cache" \
-d
"grant_type=password&scope=openid&client_id=account&username=test1&password=1234t1"
\
"http://keycloak:8080/auth/realms/test /protocol/openid-connect/token" \
-v
But it gives me:
* upload completely sent off: 81 out of 81 bytes
< HTTP/1.1 400 Bad Request
< Connection: keep-alive
< Content-Type: application/json
< Content-Length: 91
What am I doing wrong and apologies if this question has been asked before.
Keycloak version is 4.1.0.Final
Ronald
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2295
days inactive
2296
days old
5 comments
2 participants
participants (2)
-
KevinO -
Ronald Demneri