Take a look at the admin-access-app example.

So, mod-auth-openidc works with Keycloak? Would you be interested in contributing a ClientInstaller that generates config for it? Similar to the mod-auth-mellon one?

https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/protocol/saml/installation/ModAuthMellonClientInstallation.java

Here's one that generates keycloak client adapter config for OIDC too:

https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/protocol/oidc/installation/KeycloakOIDCClientInstallation.java

On 2/1/2016 11:27 AM, Reed Lewis wrote:

I have Keycloak working very well now where it can validate users in its own database, against a legacy database in our company, and from Google and Microsoft. Right now I have been testing with this module for Apache:

https://github.com/pingidentity/mod_auth_openidc

And it works as it should. I can go to a webpage on my webserver, and the complete flow works well. The user is redirected to the login page, then it returns, and my webserver requests a token as it should. :)

What I plan on doing though is securing a mobile App. I cannot find a raw HTTP(s) example of how to make a direct access grant where keycloak well ask the user for credentials, and directly return an jwt? Is this possible, or should I use the two step method (keyclock with redirect => to URL in APP => makes request with code to get the tokens?

Also, does anyone have good standalone python, node.js or even C code to validate a token? I see there are libraries, but I would like to use just openssl if possible.

Thank you,

Reed Lewis
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com