On 16/01/17 20:23, Jari Kuusisto wrote:
Hello there. I have a web application (war) deployed on Wildfly and
it is
protected by Keycloak. I am using Java/Wildfly adapter (not "keycloak.js)",
and there is a KC client that uses Standard flow (OIDC): it is configured
to use Access Type "public". The setup works just fine. But is it possible
to retrieve and access the Id Token (JWT) from the client-side i.e.
end-user browser in this case? Or is it available on server-side as a
http-only cookie value? I planned to keep then JWT token short-lived and
use it for secondary login on another website based on the claims in it,
for example " 'login': 'allowed' " for
"john.smith(a)example.com".
There is adapter option
"expose-token", which allows to see the token on
the browser side. See docs for more details -
https://keycloak.gitbooks.io/securing-client-applications-guide/content/t...
I also have configured protocol mappers for the client so that certain
roles should be included i.e. mapped in the Id Token, but I can not see
them there. Any ideas what could be wrong? KC version is 2.2.1.Final and WF
version is 10. Thanks!
Depends how exactly you configured your protocol mappers and
which
mappers you used. Also do your client have required scopes for roles of
other clients? You can also try to upgrade to latest release and see if
that helps.
Marek
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user