5:23 p.m.
Hi All,
I'm working on a project with some fellow students and we are attempting to
use Keycloak to manage the authentication and authorization for our java
backend running on Wildfly. We've managed to retrieve a token which we
believe to be an offline token by opening the following URL on the mobile
client and intercepting a custom URL schema: http://keycloak.cs.westmont.ed
u/auth/realms/Westmont/protocol/openid-connect/auth?redirect
_uri=app.test://login&response_type=code&client_id=TestApp&s
cope=offline_access
We hope that this doesn't bother you, but we are really struggling to
figure out how to request the access token from the refresh token using the
REST API as we haven't found any documentation or tutorials covering this
use case.
We are also hoping to open source our efforts at building a library for
mobile apps to use with Keycloak.
Please let us know if there is anything else you need to understand from us.
Thanks in advance,
Sam
1:39 a.m.
It's all standard OAuth2 stuff so there's plenty of material on Google that
describes how to do this.
That doesn't return a token it returns an authorization code. Take a look
at:
https://tools.ietf.org/html/rfc6749#section-3.1
That'll show you how to get the tokens. Then:
https://tools.ietf.org/html/rfc6749#section-6
Will show you how to refresh the token.
On 12 September 2016 at 00:23, Sam McCollum <smccollum(a)westmont.edu> wrote:
Hi All,
I'm working on a project with some fellow students and we are attempting
to use Keycloak to manage the authentication and authorization for our java
backend running on Wildfly. We've managed to retrieve a token which we
believe to be an offline token by opening the following URL on the mobile
client and intercepting a custom URL schema:
http://keycloak.cs.westmont.edu/auth/realms/Westmont/protoco
l/openid-connect/auth?redirect_uri=app.test://login&response
_type=code&client_id=TestApp&scope=offline_access
We hope that this doesn't bother you, but we are really struggling to
figure out how to request the access token from the refresh token using the
REST API as we haven't found any documentation or tutorials covering this
use case.
We are also hoping to open source our efforts at building a library for
mobile apps to use with Keycloak.
Please let us know if there is anything else you need to understand from
us.
Thanks in advance,
Sam
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3041
days inactive
3042
days old
1 comments
2 participants
participants (2)
-
Sam McCollum -
Stian Thorgersen