Yes, your URLs are correct. However if you want to use the default Authorization Code Grant flow and browser applications, you can just use our adapters. You don't even need to know the authorization grant url and token URL as adapters handle all the redirections and exchanges for you.Hi everyone,
>From the user documentation I could not find the authorization grant url (a la github's https://github.com/login/oauth/authorize) and Get token url (a la https://github.com/login/oauth/access_token).
I presume it's {keycloak_base}/realms/{realm-name}/protocol/openid-connect/auth?client_id={client_name}&response_type=code and {keycloak_base}/realms/{realm-name}/protocol/openid-connect/token respectively, but I am not sure.
I would like to follow the standard OAuth2.0 workflow:
- Get Auth grant (GET on https://github.com/login/oauth/authorize)
- Get access token in exchange for the auth grant code (POST on https://github.com/login/oauth/access_token)
- Use the resource using the access token gotten in step 2.
Please, correct me if I am wrong.Thanks.
Regards,
Pavel Maslov, MSc
_______________________________________________ keycloak-user mailing list keycloak-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user