Re: [keycloak-user] Authenticating non-interactive users
In the future we'll add better support for non-human users, by adding better
authentication mechanisms such as JWT and Cert. Quite likely we'll also add a separate
account type (a non-human wants permitted IP addresses, not a first name).
However, for now you're limited to creating a standard user account for this purpose.
I recommend you create a separate account with a random longish password that can be
shared between the nodes. I certainly wouldn't use the admin account.
----- Original Message -----
From: "Juraci Paixão Kröhling" <juraci(a)kroehling.de>
To: keycloak-user(a)lists.jboss.org
Sent: Saturday, 11 October, 2014 9:38:57 AM
Subject: Re: [keycloak-user] Authenticating non-interactive users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 10/10/2014 07:29 PM, Bill Burke wrote:
> We have a Direct grant REST API to obtain access/refresh token.
> You have to enable it in the admin console. Docs here:
That would require to store the admin's plain text password somewhere
(or create an user for each node), right? If so, that's a no-go :-)
- - Juca.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCgAGBQJUON6RAAoJEDnJtskdmzLMfv4H/0dE8tW6RipFSIwqZuwbnKrc
cThrFv45G8fIqBSaYxz/tszsYB+lsQHzZ+xVeAJsjvJrDXHwNCjh8TIIOdfSCgLF
ZTdRIO4pgjhgorD484uuIi+sNnEZ5BBPraWsymxZrs8L6lmkOVNfRDmLqTJ3LTFl
AhBepJoLR6h7LJnFELDsvRFHYOun70tU3uGHBFczcBY0RKELI3X6czjQ2m16pJCC
QggbYG5OE/OQZ+HRyCp897fHSAj2XkvUcVnDyQpn6p3gtufF98QDUoUhWlrwV2Wp
A3W6mRZBoJ6L4hBf//Xh9Hlwl7G2qsQgXJjOHv0mNW1c0KZZBXCdWc233h3elmg=
=j4RQ
-----END PGP SIGNATURE-----
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user