Re: [keycloak-user] propagating authentication to REST layer

The user docs ( http://keycloak.github.io/docs/userguide/keycloak-server/html/Overview.ht...) describe exactly what I'm looking for: Signed access tokens can also be propagated by REST client requests within an Authorization header. This is great for distributed integration as applications can request a login from a client to obtain an access token, then invoke any aggregated REST invocations to other services using that access token. I have a web app (in Tomcat) that uses the Keycloak adapter for user authentication. This web app needs to access a REST service, running in a different Tomcat container and I want the REST service to use the same user authentication, but I'm not totally sure about how to go about this. Do I just grab the keycloak token in the header in the web app and add that as a header when calling the REST service, and set the REST service up to use the same Keycloak adapter configuration as the web app?

What if I want to have other ways to authenticate the REST service (e.g. access from multiple clients)?

Tim _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user