Re: [keycloak-user] Obtaining RPT with Keycloak installed
On Tue, Sep 11, 2018 at 6:58 AM, keycloak demo <testoauth55(a)gmail.com>
wrote:
I am using keycloak installed through which I can obtain access
token. like
this:
*keycloakinstalled.loginDesktop();*
*AccessToken token = keycloak.getToken();*
But how can I obtain RPT (Requesting Party Token) in case of
keycloakinstalled?
I have followed the doc:
https://www.keycloak.org/docs/4.3/authorization_services/#
obtaining-user-entitlements
which
gives a way to request RPT by using AuthzClient. But how can it be done if
I am using keycloakinstalled?
Also by decoding the RPT and accessToken I can see that RPT has
authorization & permissions info which Access Token does not have:
"authorization": { "permissions": [.....
In summary, I have 2 questions:
1. Which one (Access token or RPT) should be used if I want to use
authorization in my client application? What is the exact difference in
terms of usage between the two?
The main difference between the two is that RPT gives you additional claims
representing permissions with a specific audience set to the target
resource server. RPTs are also obtained using a different grant type.
2. How can the RPT be obtained in case of Keycloak installed?
I have never tested this before, could you please fill a JIRA with more
details about what you are trying to achieve with keycloak installed. Need
to check if we could implement something for better support of RPTs.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user