can we use authorization with bearer-only ? - keycloak-user - Jboss List Archives

2025

January

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

can we use authorization with bearer-only ?

authorization in a hierarchical...

Some questions about user...

uğur kolip

Monday, 26 December 2016 Mon, 26 Dec '16

4:33 p.m.

can we use bearer-only with authorization ? if it can be , how can we use ? are there any example ? when i try to use with photoz example , i get bad request (or 403 i am not sure , i change a lot of thing) Because i don't want redirect or store session , it can be used by mobil apps . Thank you for helping

Reply

Show replies by date

Pedro Igor

Wednesday, 28 December Wed, 28 Dec

2:19 a.m.

Hi, Your client can't be set as bearer-only on Keycloak Server. You can still use bearer-only on the adapter configuration though. Keycloak doesn't allow "bearer only" clients (when setting up your client on the server) to obtain tokens from the server. Try to change your client to "confidential" on the server and set bearer-only on your adapter configuration (keycloak.json). Regards. Pedro Igor On 12/26/2016 1:34:06 PM, uğur kolip <ugur.kolip(a)gmail.com> wrote: can we use bearer-only with authorization ? if it can be , how can we use ? are there any example ? when i try to use with photoz example , i get bad request (or 403 i am not sure , i change a lot of thing) Because i don't want redirect or store session , it can be used by mobil apps . Thank you for helping _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user

Reply

Stian Thorgersen

Monday, 2 January Mon, 2 Jan

3:39 p.m.

Would it not make sense that a bearer-only aka a service is able to use the authz services? Why does it need to be able to obtain tokens? On 28 December 2016 at 02:19, Pedro Igor <psilva(a)redhat.com> wrote:

Hi, Your client can't be set as bearer-only on Keycloak Server. You can still use bearer-only on the adapter configuration though. Keycloak doesn't allow "bearer only" clients (when setting up your client on the server) to obtain tokens from the server. Try to change your client to "confidential" on the server and set bearer-only on your adapter configuration (keycloak.json). Regards. Pedro Igor On 12/26/2016 1:34:06 PM, uğur kolip <ugur.kolip(a)gmail.com> wrote: can we use bearer-only with authorization ? if it can be , how can we use ? are there any example ? when i try to use with photoz example , i get bad request (or 403 i am not sure , i change a lot of thing) Because i don't want redirect or store session , it can be used by mobil apps . Thank you for helping _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user

Reply

2922

days inactive

2929

days old

keycloak-user@lists.jboss.org

Manage subscription

2 comments

3 participants

tags (0)

participants (3)

Pedro Igor
Stian Thorgersen
uğur kolip