Re: [keycloak-user] Exchange access token to id token

Can I get user id from the access token? That's the only token I can get from HTTP Authorization header. Actual login and getting login response happens earlier, at my web application or oauth client. So, at my REST implementation class I only have access token. Thanks!! -----Original Message----- From: keycloak-user-bounces(a)lists.jboss.org [mailto:keycloak-user-bounces@lists.jboss.org] On Behalf Of Bill Burke Sent: Friday, April 03, 2015 2:20 PM To: keycloak-user(a)lists.jboss.org Subject: Re: [keycloak-user] Exchange access token to id token Our access tokens are actually JsonWebTokens packaged in a Json Web Signature. Direct Grant login should also return an IDToken within the Access Token Response. On 4/3/2015 3:15 PM, Ryvlin, Andrey wrote: > Hi, > > I’m using Keycloak direct grant login to my REST APIs and I need to > get authenticated user information for auditing purpose. > > At my REST implementation class I can get access token from HTTP > header by using a request interceptor, but I believe that token is > useless for auditing. > > Is there Keycloak REST API to get id token for the access token? > > Thank you in advance > > Andrey Ryvlin > > Sr. Software Engineer > > > ---------------------------------------------------------------------- > -- > > This message is only for the use of the intended recipient and may > contain information that is CONFIDENTIAL and PROPRIETARY to > MorphoTrust USA, Inc. If you are not the intended recipient, please > erase all copies of the message and its attachments and notify the sender immediately. > > > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user > -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user ________________________________ This message is only for the use of the intended recipient and may contain information that is CONFIDENTIAL and PROPRIETARY to MorphoTrust USA, Inc. If you are not the intended recipient, please erase all copies of the message and its attachments and notify the sender immediately.