8:35 a.m.
Hello,
I have a little question on integrating desktop application with Keycloak. I have
1. Desktop application that is a client to (1) a non-web server application and (2) a web
server application
2. Non-web server application
3. Web application that is a Keycloak client
4. Keycloak server
I want to ask user to auth once with Keycloak (using native WPF window) and use token of
some kind for both servers.
The questions are
1. What API should desktop application use to auth user with Keycloak? (maybe, I need to
read keycloak.js code?)
2. What API should non-web server use to verify token?
3. Can I use bearer token with keycloak client that has access type ‘confidential',
not ‘bearer only’?
Thank you for your work :)
--
Best regards,
Alik Kurdyukov
2:28 a.m.
----- Original Message -----
Look at the customer-app-cli and
https://github.com/keycloak/keycloak/blob/master/integration/installed/sr...
KeycloakInstalled uses the desktop browser, but you should be able to easily modify it to
use a native WPF window.
2. What API should non-web server use to verify token?
You can use org.keycloak.RSATokenVerifier from keycloak-core.
3. Can I use bearer token with keycloak client that has access type
‘confidential', not ‘bearer only’?
Not sure what you mean about this question, but the intention is that a
'confidential' client is an app that initiates a login, while the 'bearer
only' is a service that verifies the token. In your case the desktop app would be a
confidential client (or a public if the app is publicly available as you can't keep
the client secret private in that case) and the non-web server aka services would be a
'bearer only'.
3585
days inactive
3590
days old
1 comments
2 participants
participants (2)
-
Alik Kurdyukov -
Stian Thorgersen