Re: [keycloak-user] Two way communication required between Keycloak Server and REST API BAckend Server?
The REST service doesn't need to communicate directly with Keycloak. The
auth-server-url is required by a bearer only token mainly to verify the
issuer in the token (it's the full url of the realm, not just the realm
name).
On 15 July 2016 at 16:34, Adrian Matei <adrianmatei(a)gmail.com> wrote:
Hi everyone,
Does a Keycloak secured REST Api on JBoss EAP 6.1 (access-type bearer
only) need to communicate with the Keycloak Server once the Adapter and
standalone.xml are properly configured?
Currently both servers are on the same DMZ zone, but we'd like to move the
REST Api Server in Intranet zone.
(test - the REST backend seems to be callable as long as the token is
valid, though the Keycloak Server was shutdown, but I ask myself why do I
need to specify the auth-server-url in standalone.xml, or keycloak.json
file)
Thanks
Adrian
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
Attachments:
- attachment.html (text/html — 1.7 KB)