8:35 a.m.
Hello,
I have a little question on integrating desktop application with Keycloak. I have
1. Desktop application that is a client to (1) a non-web server application and (2) a web
server application
2. Non-web server application
3. Web application that is a Keycloak client
4. Keycloak server
I want to ask user to auth once with Keycloak (using native WPF window) and use token of
some kind for both servers.
The questions are
1. What API should desktop application use to auth user with Keycloak? (maybe, I need to
read keycloak.js code?)
2. What API should non-web server use to verify token?
3. Can I use bearer token with keycloak client that has access type ‘confidential',
not ‘bearer only’?
Thank you for your work :)
--
Best regards,
Alik Kurdyukov
2:28 a.m.
----- Original Message -----
From: "Alik Kurdyukov" <akurdyukov(a)gmail.com>
To: keycloak-user(a)lists.jboss.org
Sent: Friday, 5 June, 2015 3:35:13 PM
Subject: [keycloak-user] Keycloak and desktop
Hello,
I have a little question on integrating desktop application with Keycloak. I
have
1. Desktop application that is a client to (1) a non-web server application
and (2) a web server application
2. Non-web server application
3. Web application that is a Keycloak client
4. Keycloak server
I want to ask user to auth once with Keycloak (using native WPF window) and
use token of some kind for both servers.
The questions are
1. What API should desktop application use to auth user with Keycloak?
(maybe, I need to read keycloak.js code?)
Look at the customer-app-cli and
https://github.com/keycloak/keycloak/blob/master/integration/installed/sr...
KeycloakInstalled uses the desktop browser, but you should be able to easily modify it to
use a native WPF window.
2. What API should non-web server use to verify token?
You can use org.keycloak.RSATokenVerifier from keycloak-core.
3. Can I use bearer token with keycloak client that has access type
‘confidential', not ‘bearer only’?
Not sure what you mean about this question, but the intention is that a
'confidential' client is an app that initiates a login, while the 'bearer
only' is a service that verifies the token. In your case the desktop app would be a
confidential client (or a public if the app is publicly available as you can't keep
the client secret private in that case) and the non-web server aka services would be a
'bearer only'.
Thank you for your work :)
--
Best regards,
Alik Kurdyukov
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3473
days inactive
3478
days old
1 comments
2 participants
participants (2)
-
Alik Kurdyukov -
Stian Thorgersen