Hi,

I'm trying to secure a bearer-only application with Keycloak, to access it with access tokens, but I think I'm missing something.

I tried it with the database-service of the unconfigured demo.

1. I created the user role in the application.
2. I assigned that role to my user
3. I copied the contents of the installation JSON to webapp/META-INF/keycloak.json

{
    "realm": "demo",
    "realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwRayjzh7W+EfPaeSdyXWLyXof7c3fwD7vb0AEtG+ogLHtMkYiTdX9y/JXOmXwWDzGhx7NM3Q6vkCG0F3lZqOVsSlYH56c5+Ev4QmSGK/+6e+WcZMcgmscoz1OoXKom4+pzqMey42hqdwwMhkvCq/jxJSmUGnZJQuqEKVH00NZ1wIDAQAB",
    "bearer-only": true,
    "ssl-not-required": true,
    "resource": "database-service",
    "use-resource-role-mappings": true
}

4. Set the auth-method to KEYCLOAK in web.xml
5. Started the server deploying the database-service
6. Generated a token using security-admin-console client_id and my user
7. Submitted a GET request to localhost:8080/database/customers

After these steps I get a 403 error, saying that I'm not authorized to access the resource. Wasn't this supposed to work?

--
Rodrigo Sasaki
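
Added example, not part of the original post and not Keycloak's own code: a diagnostic that decodes an access token's payload and lists the roles visible under the `use-resource-role-mappings` and `resource` settings from the keycloak.json above. It assumes Keycloak's `realm_access` / `resource_access` claim layout; the helper names and the sample tokens are constructed for illustration.

```python
import base64
import json


def _b64url_decode(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def token_claims(token):
    """Payload of a compact JWT. The signature is NOT verified here:
    inspection only, never an authorization decision."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    return json.loads(_b64url_decode(parts[1]))


def roles_seen(claims, adapter_config):
    """Roles visible under the keycloak.json settings (model of the documented
    use-resource-role-mappings behaviour, not the adapter's code)."""
    if adapter_config.get("use-resource-role-mappings"):
        scope = claims.get("resource_access", {}).get(adapter_config["resource"], {})
    else:
        scope = claims.get("realm_access", {})
    return set(scope.get("roles", []))


def has_role(token, adapter_config, required_role):
    return required_role in roles_seen(token_claims(token), adapter_config)


def make_sample_token(payload):
    # Constructed, unsigned sample so the example runs offline.
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256"}), enc(payload), "c2ln"])


# Settings copied from the keycloak.json in the post.
CONFIG = {"resource": "database-service", "use-resource-role-mappings": True}
# Constructed claims: the role is present at realm level only.
REALM_ONLY = make_sample_token({"realm_access": {"roles": ["user"]}})
# Constructed claims: the role is mapped under the application itself.
APP_LEVEL = make_sample_token({"resource_access": {"database-service": {"roles": ["user"]}}})

if __name__ == "__main__":
    for name, tok in (("realm-only", REALM_ONLY), ("app-level", APP_LEVEL)):
        print(name, has_role(tok, CONFIG, "user"))
```

Passing the token obtained in step 6 to `has_role` in place of the constructed samples shows whether the `user` role appears under `database-service` in that token.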