4 a.m.
Hello,
Yes I receive an error, I had not configured the account client to use Direct Access
Grants, once I changed that I was able to receive the access and refresh tokens.
Let me explain a bit what I am trying to achieve:
I have a Jenkins instance where I have installed and configured the OIDC plugin. Basically
login works as it should, but the global log out does not. In chrome I can see that the
logout URL that Jenkins sends is this one:
http://keycloak:8080/auth/realms/test/protocol/openid-connect/logout?redi...
Sure enough, it displays an “Invalid redirect uri” in Keycloak. So I was trying to mimic
the situation with curl and to see whether the issue still remains and I have to check the
configurations in Keycloak, or if the Jenkins plugin does not send Keycloak the uri as
Keycloak expects it.
Makes sense?
Regards,
Ronald
From: KevinO <oneal.kevin(a)gmail.com>
Sent: Thursday, August 30, 2018 5:51 PM
To: Ronald Demneri <ronald.demneri(a)amdtia.com>
Cc: keycloak-user(a)lists.jboss.org
Subject: Re: [keycloak-user] login via curl
Whenever I run
curl -v -d "client_id=amin-cli" -d "username=admin" -d
"password=keycloak" -d "grant_type=password"
"http://localhost:8070/auth/realms/External/protocol/openid-connect/token"
if something is incorrect, I get a message like
{"error":"invalid_grant","error_description":"Invalid
user credentials"}
Are you getting any json reponse?
What does the log say?
On Thu, Aug 30, 2018 at 10:35 AM Ronald Demneri
<ronald.demneri@amdtia.com<mailto:ronald.demneri@amdtia.com>> wrote:
Yeah, tried that as well, same result. Any other ideas?
Thanks in advance,
Ronald
Sent from my HTC
----- Reply message -----
From: "KevinO"
<oneal.kevin@gmail.com<mailto:oneal.kevin@gmail.com>>
To: "Ronald Demneri"
<ronald.demneri@amdtia.com<mailto:ronald.demneri@amdtia.com>>
Cc: "keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>"
<keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>>
Subject: [keycloak-user] login via curl
Date: Thu, Aug 30, 2018 17:26
Try
curl -d "client_id=account" -d "username=test1" -d
"password=1234t1" -d "grant_type=password"
"http://localhost:8070/auth/realms/test/protocol/openid-connect/token
On Thu, Aug 30, 2018 at 4:34 AM Ronald Demneri
<ronald.demneri@amdtia.com<mailto:ronald.demneri@amdtia.com>> wrote:
Greetings everyone,
I am testing the possibility to login via curl to the account client in my test realm and
then use the tokens to access another client. I have tried this:
curl -X POST \
-H "Content-Type: application/x-www-form-urlencoded" \
-H "cache-control: no-cache" \
-d
"grant_type=password&scope=openid&client_id=account&username=test1&password=1234t1"
\
"http://keycloak:8080/auth/realms/test /protocol/openid-connect/token" \
-v
But it gives me:
* upload completely sent off: 81 out of 81 bytes
< HTTP/1.1 400 Bad Request
< Connection: keep-alive
< Content-Type: application/json
< Content-Length: 91
What am I doing wrong and apologies if this question has been asked before.
Keycloak version is 4.1.0.Final
Ronald
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user