Ok, thanks...are there any outstanding security concerns are there around that, as long as I use TLS?

On Sat, Nov 14, 2015 at 8:45 AM, Bill Burke <bburke@redhat.com> wrote:
We call these public clients and its the way our admin console works.
Use our javascript adapter to obtain a token and make XHR requests to
the server with the token.

On 11/13/2015 10:29 PM, David Hay wrote:
> Hi,
>
> Newbie here...
>
> We're needing to secure an AngularJS application hitting our REST API
> (and supporting customers hitting it directly).
>
> I believe in this situation we need to utilize the Hybrid flow as there
> is no way to secure the secret in AngularJS.
>
> Does Keycloak support this?
>
> Thanks!
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user@lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>

--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user