Thank you very much, it works! At least I have one question: How do I know which identity provider is used? Lets say I log in with facebook, how does my Java code know that it must send the rest-call to the facebook-endpoint?

Thanks,
Andreas

2016-03-04 11:11 GMT+01:00 Stian Thorgersen <sthorger@redhat.com>:
To read the token the user has to have the broker.read-token permission. The client also needs a scope on it. Please take a look at http://keycloak.github.io/docs/userguide/keycloak-server/html/identity-broker.html#d4e2198

On 3 March 2016 at 20:28, Andreas Cserinko <a.cserinko@gmail.com> wrote:
Hey guys!

I've been trying since a few days to make a rest-call to '/realms/myrealm/broker/google/token'
from my Java-code. But when I send the request, the response says that the token is invalid. I have no clue what token to use. 

Can anybody please describe the flow of how to obtain the right tokens, or post some examples how to solve the problem. I looked at the example on GitHub (https://github.com/keycloak/keycloak/tree/master/examples/broker/facebook-authentication) but this example don't fit my needs because it is client-side.

Any help would be appreciated, thanks!

Thank you,
Andreas

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user