On 9 January 2017 at 15:03, Matt H <tsdgcc2087(a)outlook.com> wrote:
I didn't think there was, but I had to check.
I have a module that I have to use that authenticates a user. So when a
user goes to a UI, they will be required to authenticate with this. It
validates that they are who they are. From there the UI (pure JS) would
call an application that is secured with Keycloak so the request needs a
token to access it. A lot of our application to application calls are set
up as clients with confidential access, so the application is what the
ticket is for, not the user using the application. Make sense?
Nopes, sorry. I read this a few times and I don't understand it at all.
*From:* Stian Thorgersen <sthorger(a)redhat.com>
*Sent:* Monday, January 9, 2017 3:46 AM
*To:* Matt H
*Subject:* Re: [keycloak-user] Get token for JS UI
No, of course there isn't. A JS app runs entirely within the users
Can you explain what you're actually trying to achieve? I don't get it.
On 6 January 2017 at 16:29, Matt H <tsdgcc2087(a)outlook.com> wrote:
> obtain a token from Keycloak. The token would not be specific to the user
> Adapter, it appears that it only works for getting a token for the user and
> is a public access type. Is it possible to get a token for the UI and
> treat the UI as a confidential client? It would need to then have a secret
> key, right? Is there a good way to store that secret key so that it can't
> be read by users who just browse the source from their browser?
> The reason for doing this is I have another authentication engine that is
> used to access the UI. The users would then not have an account in
> keycloak-user mailing list