I'm sorry but I believe I may have misunderstood you somehow, I tried
building a request for that URL to test it.
The application I'm trying to access is the product-portal application from
the unconfigured demo, I followed the tutorials and got it running, so
here's the post I created:
POST
http://localhost:8080/auth/rest/realms/demo/tokens/grants/access
Authorization: Basic
cHJvZHVjdC1wb3J0YWw6MWQ5MDRlYzAtNjViMS00MDljLTljYTUtMDhkMGI1ODI0Y2I4
Content-Type: application/x-www-form-urlencoded
Form Data:
username: product-portal
password: key generated by keycloak
Here the Authorization header was also built on the name product-portal and
the key that keycloak generated, so I entered it twice, and I know that
can't be right, but I don't really know where my mistake is. I apologize
for the inconvenience, but if it's not much trouble, could you clarify that
for me?
On Fri, May 9, 2014 at 5:50 PM, Rodrigo Sasaki <rodrigopsasaki(a)gmail.com>wrote:
I considered that aswell.
The thing is the mobile app is already completed, and I'm not in the
position to make such design calls.
My idea was to create a normal Application, and use the URLs I define
there instead of just giving the token to the mobile app, that's what you
meant right?
Nonetheless I'll definitely pass on your suggestion up, it definitely
sounds better and cleaner. Thank you for such a quick response!
On Fri, May 9, 2014 at 5:46 PM, Bill Burke <bburke(a)redhat.com> wrote:
> You can do a Basic Auth request
>
> POST /content-root/realms/{realm}/tokens/grants/access
> Authorization: Basic auth with client_id and secret
> Content-Type: application/x-www-form-urlencoded
>
> client_id is the id of your register application.
>
> form parameters are:
>
> username
> password
>
>
> BTW, for mobile, IMO, you are better off doing oauth with the mobile
> client and doing a mobile redirect to your browser and back. That way
> Keycloak can manage your accounts.
>
>
>
>
> On 5/9/2014 4:35 PM, Rodrigo Sasaki wrote:
> > Hello everyone,
> >
> > Fist of all I apologize if I do anything that isn't normal, this is the
> > 1st time I subscribe to a mailing list, please let me know if I should
> > have done anything differently.
> >
> > Alright then, my question is this: Is there a way for me to get a token
> > providing only user and password? Let me try and clarify it better.
> >
> > We are using a homegrown solution based on SkeletonKey and we have a
> > flow where we use an URL that requires username and password and returns
> > directly an Access Token, with no Access Codes envolved. We use this so
> > that our own mobile apps can get access to our REST services.
> >
> > Is there any way I could get around this with Keycloak? Getting an
> > access token directly to my mobile app?
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user(a)lists.jboss.org
> >
https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
>
> --
> Bill Burke
> JBoss, a division of Red Hat
>
http://bill.burkecentral.com
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Rodrigo Sasaki
--
Rodrigo Sasaki