Hi Yann,
Is there no connectivity between Keycloaks at all, or is it only one-way? A diagram would
be helpful I think.
Which adapter do you use? Could you try enabling *both* Standard and Implicit flows for
the client? This will result in an access token returned as a "code" query
parameter in response to "response_type=code".
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Tue, 2018-07-31 at 08:26 +0000, Yann Jouanin wrote:
Hello community,
Has anybody a clue on this topic?
Best regards,
Yann
>
> I am currently trying to use implicit flow between two keycloak instances.
> My setup is :
> We have one keycloak used in our cloud and one on customer premise,
> federating the customer's ldap.
>
> Because there is no network connectivity between both the keycloak
> instances I want to use the implicit flow so the customer access our service
> in cloud, get redirected to our keycloak instance for login and then has the
> option to use its on premise instance configured as a OIDC identity provider.
> The setup work in a lab with standard flow, but with implicit flow, I get an
> error message "Standard flow is disabled for the client"
>
> Is implicit flow usable in this case?
>
> Best regards,
> Yann Jouanin
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user