A client asks for a token on behalf of a specific user. You ahve to
provide the credentials of the user if you are doing a REST call to
obtain a token (direct grant). If the client is not public then you
also have to provide the client's credentials. Finally, we have
something called "service accounts". This is something you can enable
per client which allows the client to act as a user. Hope that answers
your question.
On 5/15/17 9:31 AM, Denny Israel wrote:
I am writing a command line interface which needs to authenticate
against
keycloak. After creating the client definition in keycloaks admin console i
copy the installation data (keycloak.json) into the cli. When i try to use
the authz client i am not even able to create the client because it does
not know the option "ssl-required". When i remove this option the client
can be created but throws another exception when i call
"obtainAccessToken", this time complaining about missing credentials. The
credentials are missing because i made the client "public".
Am i doing something wrong or do i missunderstand the purpose of the authz
client?
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user