Re: [keycloak-user] Keycloak AJAX authentication flow

Hi Moritz, The usual path with SPA would be to just redirect user to the Keycloak authentication page, that if user’s logged in would just redirect them back with authentication code in the query parameter, and if not - would require user to log in. I’ve described that for Angular here: https://medium.com/andrzejczak/sso-for-your-single-page-application-part-... <https://medium.com/andrzejczak/sso-for-your-single-page-application-part-... But if your app load time is quite long there might be something else you can do. There’s a token endpoint that would return you a JSON containing authentication token and refresh token, both with expiration times. All you need to provide is login and password (and additionally grant_type (`password`) and your client_id). So if you decide to implement authentication form on your side you could just use that to get a token for a user and treat this user as logged into the application. You’re loosing the SSO capabilities of Keycloak, but it might still be enough for you. You can see example of this token request in step 1 of this blogpost https://blog.softwaremill.com/who-am-i-keycloak-impersonation-api-bfe7aca... <https://blog.softwaremill.com/who-am-i-keycloak-impersonation-api-bfe7aca...;. Be sure to enable Direct Flow in the Keycloak Client, though. Cheers, Bartek