Re: [keycloak-user] REST API security
Hi,
I would suggest to look at this endpoint
https://github.com/keycloak/keycloak/blob/master/services/src/main/java/o...
. I wonder that this is something you are looking for as it allows to
retrieve token for some user in exchange to application and user
credentials. It's defacto something described in OAuth2 specs in
Resource Owner flow http://tools.ietf.org/html/rfc6749#page-37 .
So what I've just tried is this curl request:
curl --request POST
http://localhost:8081/auth/rest/realms/myRealm/tokens/grants/access
--data
"client_id=myApp&client_secret=c52dc243-8004-4843-b03b-bc139fd3a6fc&username=john&password=password"
--header "Accept: application/json" --header "Content-type:
application/x-www-form-urlencoded"
where client_id and client_secret are credentials of my application and
username/password are credentials of user and "myRealm" is name of my
realm where user "john" and application "myApp" are registered. Note
that instead of client_id and client_secret you can also use
Authorization header (see the code for more details)
Marek
On 13.4.2014 10:30, Nils Preusker wrote:
To clarify, I've been looking at the various clients in the
examples
and know that I can simply add an authorization header with a bearer
token to the REST requests. However, as far as I understand the
examples and the code, all the login flows are based on login forms
and redirects. While this is convenient for web applications, I'm
missing a simple way for a "headless" client to obtain a token in
return for application credentials or an API key. Are you planning to
support this kind of use case?
Cheers,
Nils
On Sat, Apr 12, 2014 at 7:09 PM, Nils Preusker <n.preusker(a)gmail.com
<mailto:n.preusker@gmail.com>> wrote:
Hi all,
I'm trying to figure out how I could use keycloak to secure a REST
API that is used bu a pure backend REST client. Do you have any
recommendations for that (i.e. API keys)?
Cheers,
Nils
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
Attachments:
- attachment.html (text/html — 4.1 KB)