Dear All,
I am trying to test Keycloak-gatekeeper, have read the docs I could find (keaycloak-proxy
as well) but I still have a few questions:
1- I am trying to secure a number of REST APIs, configured behind bearer-only clients. I
think I need to first get a access token trough a confidential client using a
'grant-type=password' request and then do a second request to the REST client
resource. Is this the right approach, how would I implement this using
Keycloak-Gatekeeper?.
2- Keycloak-Gatekeeper uses uri->methods->roles to manage resource access. Is there
a way to use Keycloak's authorization settings to manage access to a client's
resource (i.e. policies, permissions, uma-ticket, etc.)?
3- How do I set up multiple clients, do I have to run and configure separate instances of
Keycloak-Gatekeeper?
Thanks in advance for your time and help.
Regards,