On 1 January 2016 at 11:52, Tim Dudgeon <tdudgeon.ml@gmail.com> wrote:
> The user docs (http://keycloak.github.io/docs/userguide/keycloak-server/html/Overview.html#d4e54) describe exactly what I'm looking for:
> Signed access tokens can also be propagated by REST client requests within an Authorization header. This is great for distributed integration as applications can request a login from a client to obtain an access token, then invoke any aggregated REST invocations to other services using that access token.
> I have a web app (in Tomcat) that uses the Keycloak adapter for user authentication.
> This web app needs to access a REST service, running in a different Tomcat container and I want the REST service to use the same user authentication, but I'm not totally sure about how to go about this.
> Do I just grab the keycloak token in the header in the web app and add that as a header when calling the REST service, and set the REST service up to use the same Keycloak adapter configuration as the web app?

You could, or you can get the token from the adapter. Take a look at:

https://github.com/keycloak/keycloak/blob/master/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java#L48

> What if I want to have other ways to authenticate the REST service (e.g. access from multiple clients)?

Not sure what you mean about this.

> Tim

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
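
The token propagation discussed in this thread, as an added example that is not part of the original message or of the Keycloak project: the web app reads the access token from the adapter's `KeycloakSecurityContext` and forwards it to the REST service as a bearer token. The class name `BackendRestClient` and the service URL are assumptions; the code needs the Keycloak adapter and the servlet API on the classpath, and Java 9+ for `readAllBytes()`.

```java
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import javax.servlet.http.HttpServletRequest;
import org.keycloak.KeycloakSecurityContext;

/** Hypothetical helper for the web app; class name and service URL are assumptions. */
public final class BackendRestClient {
    // Constructed placeholder URL for the REST service in the second Tomcat.
    private static final String SERVICE_URL = "https://rest.example.internal/api/customers";

    public static String fetch(HttpServletRequest req) throws IOException {
        // The Keycloak adapter stores the logged-in user's security context on the request.
        KeycloakSecurityContext ctx = (KeycloakSecurityContext)
                req.getAttribute(KeycloakSecurityContext.class.getName());
        if (ctx == null || ctx.getTokenString() == null) {
            throw new IllegalStateException("No Keycloak session on this request");
        }
        URL url = new URL(SERVICE_URL);
        // A bearer token authenticates whoever presents it, so send it only over TLS.
        if (!"https".equals(url.getProtocol())) {
            throw new IOException("Refusing to send access token over " + url.getProtocol());
        }
        HttpURLConnection conn = (HttpURLConnection) url.openConnection();
        try {
            conn.setInstanceFollowRedirects(false); // never replay the token to a redirect target
            conn.setConnectTimeout(5000);
            conn.setReadTimeout(10000);
            conn.setRequestProperty("Accept", "application/json");
            conn.setRequestProperty("Authorization", "Bearer " + ctx.getTokenString());
            int status = conn.getResponseCode();
            if (status == 401 || status == 403) {
                // The REST service's adapter rejected the token (expired, wrong realm, missing role).
                throw new SecurityException("REST service rejected token: HTTP " + status);
            }
            if (status != 200) {
                throw new IOException("Unexpected HTTP " + status);
            }
            try (InputStream in = conn.getInputStream()) {
                return new String(in.readAllBytes(), StandardCharsets.UTF_8);
            }
        } finally {
            conn.disconnect();
        }
    }
}
```

On the REST side, the Keycloak adapter validates the token's signature and expiry before the request reaches the service code; a service that never performs browser logins can be marked `"bearer-only": true` in its `keycloak.json`.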