Try something like this:
#!/bin/bash
REALM="quickstart"
PORT="8180"
echo "Access"
TKN=$(curl -X POST
"http://172.18.0.2:$PORT/auth/realms/$REALM/protocol/openid-connect/token"
\
-H "Content-Type: application/x-www-form-urlencoded" \
-d "username=alice" \
-d 'password=password' \
-d 'grant_type=password' \
-d 'client_id=admin-cli' | jq -r '.access_token')
curl -X GET 'http://localhost:3000/service/secured' -H "Accept:
application/json" -H "Authorization: Bearer $TKN"
On Mon, Nov 12, 2018 at 8:49 AM Sharlet Wilson <wilson.sharlet(a)gmail.com> wrote:
Hi, I'm directly using the jboss/keycloak docker image to run Keycloak.
I created a 'quickstart' realm and a 'service-nodejs' client in the
Keycloak server. I get the access token by sending a POST request to
/auth/realms/<realm-name>/protocol/openid-connect/token API. (For this, I
had to set the Access Type of the client to 'confidential' on the Keycloak
server). Now I'm trying to access the protected route of the example
http://localhost:3000/service/secured by setting the Authorization header
to the access token I got above, but it still gives me 'Access denied'. Am
I doing anything wrong here?
Regards,
Sharlet Hannah Wilson
On Mon, Nov 12, 2018 at 1:37 PM Sharlet Wilson <wilson.sharlet(a)gmail.com>
wrote:
> Hi,
>
> I have a user's keycloak access token on my backend Node.js application.
> Would like to know how I can use it to authorize a user to access my custom
> REST apis. (I am using the
/auth/realms/<realm-name>/protocol/openid-connect/token
> api to get the user's access token).
>
> Regards,
> Sharlet Hannah Wilson
>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user