Hi Bill,

I'm familiar with the examples, however I'm looking for a way to grant third-party clients access to my API. Since they could be written in a variety of languages, I'd like them to be able to obtain a token in a defined way without being dependent on Keycloak.

I suppose the approach Marek mentioned (OAuth spec section 4.3) should do the trick though (as long as you are planning to continue supporting it).

Cheers,

Nils

On Mon, Apr 14, 2014 at 3:32 PM, Bill Burke <bburke@redhat.com> wrote:

Bearer token security. Take a look at the examples, specifically the
database-service. This is a pure REST service secured by keyloak.

At the moment, we only have support for JBoss/Wildfly, but it wouldn't
take much to write an adapter for another java environment.

On 4/12/2014 1:09 PM, Nils Preusker wrote:
> Hi all,
>
> I'm trying to figure out how I could use keycloak to secure a REST API
> that is used bu a pure backend REST client. Do you have any
> recommendations for that (i.e. API keys)?
>
> Cheers,
> Nils
>
>

> _______________________________________________
> keycloak-user mailing list
> keycloak-user@lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>

--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user