Re: [keycloak-user] Getting Access token over REST API

Thanks for replying Stian. Our APIs are external APIs and need to provide services including authentication. Users of these APIs/services will be external applications, external vendors APIs, mobile apps. The authentication needs to happen over Auth service/APIs as well. The link you shared has end points. Can they be used to get tokens in a production grade setting? Additionally, Why do say, getting tokens over REST end point is wrong way? Thanks.Akash From: Stian Thorgersen <sthorger(a)redhat.com&gt; To: akash agrawal <akash_agrawal(a)yahoo.co.uk&gt; Cc: &quot;keycloak-user(a)lists.jboss.org&quot; <keycloak-user(a)lists.jboss.org&gt; Sent: Friday, February 3, 2017 12:53 AM Subject: Re: [keycloak-user] Getting Access token over REST API I would strongly suggest you reconsider and use the Keycloak login as there are many many reasons why that is a better approach. I'm not going to list it again, because I've done that to many times to count. The login page is highly customizable so you can make it look exactly how you like. Any specific reasons why this is not an option? If you still insist on doing it the "wrong way" then use the OAuth2 resource owner credential grant instead, take a look at https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/oidc-generic.html for more details. On 2 February 2017 at 00:00, akash agrawal <akash_agrawal(a)yahoo.co.uk&gt; wrote: Hi, I am evaluating Keycloak for our Identity management needs. We have a collection of REST APIs which we want to secure using OAuth/OpenIdConnect. I am looking over Keycloak documentation to determine if a client application can call a REST endpoint (production grade) to get the access token. Are there other alternatives to get access token? Using KeyCloak user interface to login and get an access token is not an option. Appreciate your help. Thanks. Akash ______________________________ _________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/ mailman/listinfo/keycloak-user