Hi,

From the docs:

"Only confidential clients are allowed to invoke the new endpoint, "

https://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_from_older_versions.html#d4e4084

[the new endpoint] -->  /realms/{realm}/protocols/openid-connect/token/introspect

But the project : https://github.com/keycloak/keycloak-nodejs-auth-utils/blob/master/lib/grant-manager.js

Is using public client approach  ^  [username, password, no client-secret etc...]

Any suggestion on this ?

Thanks !

On Mon, Apr 25, 2016 at 7:14 PM, Helio Frota <00hf11@gmail.com> wrote:
Hi Bruno,

I'm trying to validate an access token:


Thanks for the feedback !




On Mon, Apr 25, 2016 at 6:49 PM, Bruno Oliveira <bruno@abstractj.org> wrote:
It sounds like there's some misconception here. Does not make sense to
have a public client with client secret configured.

Could you please elaborate more, what exactly are you trying to do? And
I would really appreciate if you share more details.

On 2016-04-25, Helio Frota wrote:
> Hi,
>
> I found a shell script to use the new introspection path to do token
> validation:
> http://lists.jboss.org/pipermail/keycloak-user/2016-April/005869.html
>
> I'm using public client and by removing :
>
> KC_CLIENT_SECRET=a-test-client-credental
>
> The result is:
>
> {"error_description":"Authentication failed.","error":"invalid_request"}
>
> It is possible to use validation token for public clients ?
>
> Thanks!

> _______________________________________________
> keycloak-user mailing list
> keycloak-user@lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user


--

abstractj
PGP: 0x84DC9914