9:29 a.m.
I have a situation where I need my javascript UI (all client side) to obtain a token from
Keycloak. The token would not be specific to the user but for the UI itself. Looking at
the documentation for the Javascript Adapter, it appears that it only works for getting a
token for the user and is a public access type. Is it possible to get a token for the UI
and treat the UI as a confidential client? It would need to then have a secret key,
right? Is there a good way to store that secret key so that it can't be read by users
who just browse the source from their browser?
The reason for doing this is I have another authentication engine that is used to access
the UI. The users would then not have an account in Keycloak.
3:46 a.m.
No, of course there isn't. A JS app runs entirely within the users browser.
Can you explain what you're actually trying to achieve? I don't get it.
On 6 January 2017 at 16:29, Matt H <tsdgcc2087(a)outlook.com> wrote:
I have a situation where I need my javascript UI (all client side)
to
obtain a token from Keycloak. The token would not be specific to the user
but for the UI itself. Looking at the documentation for the Javascript
Adapter, it appears that it only works for getting a token for the user and
is a public access type. Is it possible to get a token for the UI and
treat the UI as a confidential client? It would need to then have a secret
key, right? Is there a good way to store that secret key so that it can't
be read by users who just browse the source from their browser?
The reason for doing this is I have another authentication engine that is
used to access the UI. The users would then not have an account in
Keycloak.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
8:03 a.m.
I didn't think there was, but I had to check.
I have a module that I have to use that authenticates a user. So when a user goes to a
UI, they will be required to authenticate with this. It validates that they are who they
are. From there the UI (pure JS) would call an application that is secured with Keycloak
so the request needs a token to access it. A lot of our application to application calls
are set up as clients with confidential access, so the application is what the ticket is
for, not the user using the application. Make sense?
________________________________
From: Stian Thorgersen <sthorger(a)redhat.com>
Sent: Monday, January 9, 2017 3:46 AM
To: Matt H
Cc: keycloak-user(a)lists.jboss.org
Subject: Re: [keycloak-user] Get token for JS UI
No, of course there isn't. A JS app runs entirely within the users browser.
Can you explain what you're actually trying to achieve? I don't get it.
On 6 January 2017 at 16:29, Matt H
<tsdgcc2087@outlook.com<mailto:tsdgcc2087@outlook.com>> wrote:
I have a situation where I need my javascript UI (all client side) to obtain a token from
Keycloak. The token would not be specific to the user but for the UI itself. Looking at
the documentation for the Javascript Adapter, it appears that it only works for getting a
token for the user and is a public access type. Is it possible to get a token for the UI
and treat the UI as a confidential client? It would need to then have a secret key,
right? Is there a good way to store that secret key so that it can't be read by users
who just browse the source from their browser?
The reason for doing this is I have another authentication engine that is used to access
the UI. The users would then not have an account in Keycloak.
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
11:06 p.m.
On 9 January 2017 at 15:03, Matt H <tsdgcc2087(a)outlook.com> wrote:
I didn't think there was, but I had to check.
I have a module that I have to use that authenticates a user. So when a
user goes to a UI, they will be required to authenticate with this. It
validates that they are who they are. From there the UI (pure JS) would
call an application that is secured with Keycloak so the request needs a
token to access it. A lot of our application to application calls are set
up as clients with confidential access, so the application is what the
ticket is for, not the user using the application. Make sense?
Nopes, sorry. I read this a few times and I don't understand it at all.
------------------------------
*From:* Stian Thorgersen <sthorger(a)redhat.com>
*Sent:* Monday, January 9, 2017 3:46 AM
*To:* Matt H
*Cc:* keycloak-user(a)lists.jboss.org
*Subject:* Re: [keycloak-user] Get token for JS UI
No, of course there isn't. A JS app runs entirely within the users
browser.
Can you explain what you're actually trying to achieve? I don't get it.
On 6 January 2017 at 16:29, Matt H <tsdgcc2087(a)outlook.com> wrote:
> I have a situation where I need my javascript UI (all client side) to
> obtain a token from Keycloak. The token would not be specific to the user
> but for the UI itself. Looking at the documentation for the Javascript
> Adapter, it appears that it only works for getting a token for the user and
> is a public access type. Is it possible to get a token for the UI and
> treat the UI as a confidential client? It would need to then have a secret
> key, right? Is there a good way to store that secret key so that it can't
> be read by users who just browse the source from their browser?
>
>
> The reason for doing this is I have another authentication engine that is
> used to access the UI. The users would then not have an account in
> Keycloak.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
2902
days inactive
2906
days old
3 comments
2 participants
participants (2)
-
Matt H -
Stian Thorgersen