3:31 p.m.
I am writing a command line interface which needs to authenticate against
keycloak. After creating the client definition in keycloaks admin console i
copy the installation data (keycloak.json) into the cli. When i try to use
the authz client i am not even able to create the client because it does
not know the option "ssl-required". When i remove this option the client
can be created but throws another exception when i call
"obtainAccessToken", this time complaining about missing credentials. The
credentials are missing because i made the client "public".
Am i doing something wrong or do i missunderstand the purpose of the authz
client?
3:38 p.m.
A client asks for a token on behalf of a specific user. You ahve to
provide the credentials of the user if you are doing a REST call to
obtain a token (direct grant). If the client is not public then you
also have to provide the client's credentials. Finally, we have
something called "service accounts". This is something you can enable
per client which allows the client to act as a user. Hope that answers
your question.
On 5/15/17 9:31 AM, Denny Israel wrote:
I am writing a command line interface which needs to authenticate
against
keycloak. After creating the client definition in keycloaks admin console i
copy the installation data (keycloak.json) into the cli. When i try to use
the authz client i am not even able to create the client because it does
not know the option "ssl-required". When i remove this option the client
can be created but throws another exception when i call
"obtainAccessToken", this time complaining about missing credentials. The
credentials are missing because i made the client "public".
Am i doing something wrong or do i missunderstand the purpose of the authz
client?
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
4:33 p.m.
You should only use AuthZ Client if you want to access Protection and
Authorization/Entitlement APIs. To access Keycloak Admin REST API you
should use Keycloak Admin Client.
Regards.
Pedro Igor
On Mon, May 15, 2017 at 10:31 AM, Denny Israel <denny.israel(a)googlemail.com>
wrote:
I am writing a command line interface which needs to authenticate
against
keycloak. After creating the client definition in keycloaks admin console i
copy the installation data (keycloak.json) into the cli. When i try to use
the authz client i am not even able to create the client because it does
not know the option "ssl-required". When i remove this option the client
can be created but throws another exception when i call
"obtainAccessToken", this time complaining about missing credentials. The
credentials are missing because i made the client "public".
Am i doing something wrong or do i missunderstand the purpose of the authz
client?
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2560
days inactive
2560
days old
2 comments
3 participants
participants (3)
-
Bill Burke -
Denny Israel -
Pedro Igor Silva