You won't be able to obtain a token from a bearer-only client, you need to
obtain it from another client that offers a login or use a service account (
On Fri, Oct 7, 2016 at 3:26 PM, Christoph Guse <info(a)flex-guse.de> wrote:
currently I have some trouble getting an Access Token using a
bearer-only client in combination with Keycloak 2.2.1.
In my Proof Of Concept realm (sso-poc) I created a client which was
configured to accept bearer-only authentication. If I got this right no
user login is needed and this client type is perfect for technical users.
Then I do a HTTP Post like this:
curl -X POST -F "grant_type=client_credentials" -F
Unfortunately the response is not an AccessToken but the error message
"error_description": "Bearer-only not allowed"
As I configured the client as bearer-only authentication, I'm a little
helpless and I ran out of ideas what I could do.
Thank you in advance,
keycloak-user mailing list