Re: [keycloak-user] Application to applications using bearer token
That's quite strange. It should already be possible to authenticate
against confidential applications with bearer-token. For example if you
switch demo database-service as "confidential" instead of
"bearer-only",
it should be still possible to authenticate to it with the bearer access
token sent from customer-portal. You can try it and see if it works.
If demo works for you, but your applications don't, it's probably some
configuration problem on your side.
Marek
On 15.4.2015 17:44, Scott Rossillo wrote:
Actually, I wanted to clarify one thing:
In the demos the database-service is set up as bearer-only. Maybe
that’s the problem I’m having. I have the dependent service set as
confidential. But shouldn’t this be supported?
What if the service provides both user facing features and APIs that
can be accessed with bearer tokens?
Thanks again,
Scott
On Wed, Apr 15, 2015 at 11:41 AM, Scott Rossillo
<srossillo(a)smartling.com <mailto:srossillo@smartling.com>> wrote:
In the demos, there’s a clear example of how a user is
authenticated against an application, say the customer-portal, and
then the customer-portal requests information from the
database-service using the access token as a bearer token.
In this example, the database-service accepts the bearer token and
returns data.
However, using the Keycloak Adapters and attempting to do the same
thing, the authentication is rejected. Any idea what may be
causing this?
Thanks,
Scott
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
Attachments:
- attachment.html (text/html — 3.3 KB)