9:18 a.m.
Hi,
I have two backend servers that needs to communicate at a high throughput (1000s request
per second).
I don't want each of the requests to block/slow down by the server contacting the
Keycloak server to verify the token.
Is there a way, I can create a transparent token that could be verified without having to
access the KeyCloak server in each request?
Thanks,
Omri.
1:35 a.m.
This is by design. Keycloak uses JWT tokens, which can be verified without
contacting IdP.
Your app just needs public keys from keycloak instance. This is done
automatically be keycloak adapter. Adapter has 2 ways of getting keys:
* you can supply them explicitly
* adapter can fetch and cache them
вс, 25 марта 2018 г. в 17:21, Omri Tavor <omri.tavor(a)forcepoint.com>:
Hi,
I have two backend servers that needs to communicate at a high throughput
(1000s request per second).
I don't want each of the requests to block/slow down by the server
contacting the Keycloak server to verify the token.
Is there a way, I can create a transparent token that could be verified
without having to access the KeyCloak server in each request?
Thanks,
Omri.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2466
days inactive
2469
days old
1 comments
2 participants
participants (2)
-
Omri Tavor -
Виталий Ищенко