I have just tested the 4.5.0.Final version and Keycloak does not send the Authorization
header. Keycloak is sending client_id and client_secret.
According to standards (
https://tools.ietf.org/html/rfc6749#section-2.3) authorization
server MUST support Authorization header (HTTP Basic) and MAY support client_id and
client_secret in the body.
Can I switch method of authentication between Keycloak and another IDP? If not, this is
not compatible with OAuth/OpenID standards. Please contact me, I can help with
implementation, because I need it ASAP :)
Karol
On 28.09.2018 09:23, Lokesh Ravichandru wrote:
Sure will try and post my findings.
- Lokesh
On Fri, Sep 28, 2018 at 12:51 PM Karol Buler
<K.Buler@adbglobal.com<mailto:K.Buler@adbglobal.com>> wrote:
Do you have "confidential client"? If so, could you please confirm that Keycloak
is sending the Authorization header? Basic from client_id:client_secret.
Karol
On 28.09.2018 09:16, Lokesh Ravichandru wrote:
We are using 4.4.0 version, we faced the same issue because of missing id_token from our
Identity broker application connected to keycloak.
For trial you can install 4.4.0 version as a test build and attach your identity provider
for test run.
- Lokesh
On Fri, Sep 28, 2018 at 12:42 PM Karol Buler
<K.Buler@adbglobal.com<mailto:K.Buler@adbglobal.com>> wrote:
Indeed. Structure looks like this:
{
"access_token": "",
"token_type": "",
"expires_in": int value,
"refresh_token": "",
"scope": "",
"id_token": ""
}
Karol
On 28.09.2018 09:10, Lokesh Ravichandru wrote:
Just for details, is your Identity broker returning id_token along with the access token
?
- Lokesh
On Fri, Sep 28, 2018 at 12:36 PM Karol Buler
<K.Buler@adbglobal.com<mailto:K.Buler@adbglobal.com>> wrote:
Additional information is that this is 3.4.3.Final Keycloak.
Do you know about this problem? Maybe it is fixed in newer version?
On 25.09.2018 13:01, Karol Buler wrote:
Hi,
I am trying to add Identity Broker based on OpenID Connect to my
Keycloak. Everything is fine, redirecting to login page is working,
but... always is "but" :) I've got error in Keycloak:
org.keycloak.broker.provider.IdentityBrokerException: No access_token
from server.
What I found is that the Keycloak doesn't send the "Authorization"
header in request "code-to-token". Is it bug/feature or am I missing
some configuration?
Best regards,
Karol
[
https://www.adbglobal.com/wp-content/uploads/adb.png]
adbglobal.com<http://adbglobal.com><https://www.adbglobal.com>
This message (including any attachments) may contain confidential, proprietary,
privileged and/or private information. The information is intended for the use of the
individual or entity designated above. If you are not the intended recipient of this
message, please notify the sender immediately, and delete the message and any attachments.
Any disclosure, reproduction, distribution or other use of this message or any attachments
by an individual or entity other than the intended recipient is STRICTLY PROHIBITED.
Please note that ADB protects your privacy. Any personal information we collect from you
is used in accordance with our Privacy
Policy<https://www.adbglobal.com/privacy-policy/> and in compliance with applicable
European data protection law (Regulation (EU) 2016/679, General Data Protection
Regulation) and other statutory provisions.
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Grootan Technologies Private Limited
R-Block, 15th main street
Anna nagar, Chennai 600 040
tel +91 97890 24698
mail lokesh.ravichandru@grootan.com<mailto:lokesh.ravichandru@grootan.com> | web
https://www.grootan.com
--
Grootan Technologies Private Limited
R-Block, 15th main street
Anna nagar, Chennai 600 040
tel +91 97890 24698
mail lokesh.ravichandru@grootan.com<mailto:lokesh.ravichandru@grootan.com> | web
https://www.grootan.com
--
Grootan Technologies Private Limited
R-Block, 15th main street
Anna nagar, Chennai 600 040
tel +91 97890 24698
mail lokesh.ravichandru@grootan.com<mailto:lokesh.ravichandru@grootan.com> | web
https://www.grootan.com