Re: [keycloak-user] [OAuth2.0] Authorization grant & Get token urls
On 20/11/15 12:18, Pavel Maslov wrote:
Hi everyone,
>From the user documentation I could not find the authorization grant
url (a la github's https://github.com/login/oauth/authorize) and Get
token url (a la https://github.com/login/oauth/access_token).
I presume it's
{keycloak_base}/realms/{realm-name}/protocol/openid-connect/auth?client_id={client_name}&response_type=code
<http://%7Bkeycloak_base%7D/realms/%7Brealm-name%7D/protocol/openid-connect/auth?client_id=%7Bclient_name%7D&response_type=code>
and
{keycloak_base}/realms/{realm-name}/protocol/openid-connect/token
<http://%7Bkeycloak_base%7D/realms/%7Brealm-name%7D/protocol/openid-connect/token>
respectively,
but I am not sure.
Yes, your URLs are correct. However if you want to use the
default
Authorization Code Grant flow and browser applications, you can just use
our adapters. You don't even need to know the authorization grant url
and token URL as adapters handle all the redirections and exchanges for you.
I suggest to take a look at our examples .
And here is the docs for adapters:
http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html
Marek
I would like to follow the standard OAuth2.0 workflow:
1. Get Auth grant (GET on https://github.com/login/oauth/authorize)
2. Get access token in exchange for the auth grant code (POST on
https://github.com/login/oauth/access_token)
3. Use the resource using the access token gotten in step 2.
Please, correct me if I am wrong.
Thanks.
Regards,
Pavel Maslov, MSc
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
Attachments:
- attachment.html (text/html — 4.9 KB)