3:35 p.m.
Hello everyone,
Fist of all I apologize if I do anything that isn't normal, this is the 1st
time I subscribe to a mailing list, please let me know if I should have
done anything differently.
Alright then, my question is this: Is there a way for me to get a token
providing only user and password? Let me try and clarify it better.
We are using a homegrown solution based on SkeletonKey and we have a flow
where we use an URL that requires username and password and returns
directly an Access Token, with no Access Codes envolved. We use this so
that our own mobile apps can get access to our REST services.
Is there any way I could get around this with Keycloak? Getting an access
token directly to my mobile app?
3:46 p.m.
You can do a Basic Auth request
POST /content-root/realms/{realm}/tokens/grants/access
Authorization: Basic auth with client_id and secret
Content-Type: application/x-www-form-urlencoded
client_id is the id of your register application.
form parameters are:
username
password
BTW, for mobile, IMO, you are better off doing oauth with the mobile
client and doing a mobile redirect to your browser and back. That way
Keycloak can manage your accounts.
On 5/9/2014 4:35 PM, Rodrigo Sasaki wrote:
Hello everyone,
Fist of all I apologize if I do anything that isn't normal, this is the
1st time I subscribe to a mailing list, please let me know if I should
have done anything differently.
Alright then, my question is this: Is there a way for me to get a token
providing only user and password? Let me try and clarify it better.
We are using a homegrown solution based on SkeletonKey and we have a
flow where we use an URL that requires username and password and returns
directly an Access Token, with no Access Codes envolved. We use this so
that our own mobile apps can get access to our REST services.
Is there any way I could get around this with Keycloak? Getting an
access token directly to my mobile app?
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
3:50 p.m.
I considered that aswell.
The thing is the mobile app is already completed, and I'm not in the
position to make such design calls.
My idea was to create a normal Application, and use the URLs I define there
instead of just giving the token to the mobile app, that's what you meant
right?
Nonetheless I'll definitely pass on your suggestion up, it definitely
sounds better and cleaner. Thank you for such a quick response!
On Fri, May 9, 2014 at 5:46 PM, Bill Burke <bburke(a)redhat.com> wrote:
You can do a Basic Auth request
POST /content-root/realms/{realm}/tokens/grants/access
Authorization: Basic auth with client_id and secret
Content-Type: application/x-www-form-urlencoded
client_id is the id of your register application.
form parameters are:
username
password
BTW, for mobile, IMO, you are better off doing oauth with the mobile
client and doing a mobile redirect to your browser and back. That way
Keycloak can manage your accounts.
On 5/9/2014 4:35 PM, Rodrigo Sasaki wrote:
> Hello everyone,
>
> Fist of all I apologize if I do anything that isn't normal, this is the
> 1st time I subscribe to a mailing list, please let me know if I should
> have done anything differently.
>
> Alright then, my question is this: Is there a way for me to get a token
> providing only user and password? Let me try and clarify it better.
>
> We are using a homegrown solution based on SkeletonKey and we have a
> flow where we use an URL that requires username and password and returns
> directly an Access Token, with no Access Codes envolved. We use this so
> that our own mobile apps can get access to our REST services.
>
> Is there any way I could get around this with Keycloak? Getting an
> access token directly to my mobile app?
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Rodrigo Sasaki
4:06 p.m.
I'm sorry but I believe I may have misunderstood you somehow, I tried
building a request for that URL to test it.
The application I'm trying to access is the product-portal application from
the unconfigured demo, I followed the tutorials and got it running, so
here's the post I created:
POST http://localhost:8080/auth/rest/realms/demo/tokens/grants/access
Authorization: Basic
cHJvZHVjdC1wb3J0YWw6MWQ5MDRlYzAtNjViMS00MDljLTljYTUtMDhkMGI1ODI0Y2I4
Content-Type: application/x-www-form-urlencoded
Form Data:
username: product-portal
password: key generated by keycloak
Here the Authorization header was also built on the name product-portal and
the key that keycloak generated, so I entered it twice, and I know that
can't be right, but I don't really know where my mistake is. I apologize
for the inconvenience, but if it's not much trouble, could you clarify that
for me?
On Fri, May 9, 2014 at 5:50 PM, Rodrigo Sasaki <rodrigopsasaki(a)gmail.com>wrote:
I considered that aswell.
The thing is the mobile app is already completed, and I'm not in the
position to make such design calls.
My idea was to create a normal Application, and use the URLs I define
there instead of just giving the token to the mobile app, that's what you
meant right?
Nonetheless I'll definitely pass on your suggestion up, it definitely
sounds better and cleaner. Thank you for such a quick response!
On Fri, May 9, 2014 at 5:46 PM, Bill Burke <bburke(a)redhat.com> wrote:
> You can do a Basic Auth request
>
> POST /content-root/realms/{realm}/tokens/grants/access
> Authorization: Basic auth with client_id and secret
> Content-Type: application/x-www-form-urlencoded
>
> client_id is the id of your register application.
>
> form parameters are:
>
> username
> password
>
>
> BTW, for mobile, IMO, you are better off doing oauth with the mobile
> client and doing a mobile redirect to your browser and back. That way
> Keycloak can manage your accounts.
>
>
>
>
> On 5/9/2014 4:35 PM, Rodrigo Sasaki wrote:
> > Hello everyone,
> >
> > Fist of all I apologize if I do anything that isn't normal, this is the
> > 1st time I subscribe to a mailing list, please let me know if I should
> > have done anything differently.
> >
> > Alright then, my question is this: Is there a way for me to get a token
> > providing only user and password? Let me try and clarify it better.
> >
> > We are using a homegrown solution based on SkeletonKey and we have a
> > flow where we use an URL that requires username and password and returns
> > directly an Access Token, with no Access Codes envolved. We use this so
> > that our own mobile apps can get access to our REST services.
> >
> > Is there any way I could get around this with Keycloak? Getting an
> > access token directly to my mobile app?
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user(a)lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Rodrigo Sasaki
--
Rodrigo Sasaki
4:14 p.m.
Authorization header would be generated from "product-portal" and "key
generated by keycloak".
Form Data:
username: bburke
password: bills-password
On 5/9/2014 5:06 PM, Rodrigo Sasaki wrote:
I'm sorry but I believe I may have misunderstood you somehow, I
tried
building a request for that URL to test it.
The application I'm trying to access is the product-portal application
from the unconfigured demo, I followed the tutorials and got it running,
so here's the post I created:
POST http://localhost:8080/auth/rest/realms/demo/tokens/grants/access
Authorization: Basic
cHJvZHVjdC1wb3J0YWw6MWQ5MDRlYzAtNjViMS00MDljLTljYTUtMDhkMGI1ODI0Y2I4
Content-Type: application/x-www-form-urlencoded
Form Data:
username: product-portal
password: key generated by keycloak
Here the Authorization header was also built on the name product-portal
and the key that keycloak generated, so I entered it twice, and I know
that can't be right, but I don't really know where my mistake is. I
apologize for the inconvenience, but if it's not much trouble, could you
clarify that for me?
On Fri, May 9, 2014 at 5:50 PM, Rodrigo Sasaki <rodrigopsasaki(a)gmail.com
<mailto:rodrigopsasaki@gmail.com>> wrote:
I considered that aswell.
The thing is the mobile app is already completed, and I'm not in the
position to make such design calls.
My idea was to create a normal Application, and use the URLs I
define there instead of just giving the token to the mobile app,
that's what you meant right?
Nonetheless I'll definitely pass on your suggestion up, it
definitely sounds better and cleaner. Thank you for such a quick
response!
On Fri, May 9, 2014 at 5:46 PM, Bill Burke <bburke(a)redhat.com
<mailto:bburke@redhat.com>> wrote:
You can do a Basic Auth request
POST /content-root/realms/{realm}/tokens/grants/access
Authorization: Basic auth with client_id and secret
Content-Type: application/x-www-form-urlencoded
client_id is the id of your register application.
form parameters are:
username
password
BTW, for mobile, IMO, you are better off doing oauth with the mobile
client and doing a mobile redirect to your browser and back.
That way
Keycloak can manage your accounts.
On 5/9/2014 4:35 PM, Rodrigo Sasaki wrote:
> Hello everyone,
>
> Fist of all I apologize if I do anything that isn't normal,
this is the
> 1st time I subscribe to a mailing list, please let me know if
I should
> have done anything differently.
>
> Alright then, my question is this: Is there a way for me to
get a token
> providing only user and password? Let me try and clarify it
better.
>
> We are using a homegrown solution based on SkeletonKey and we
have a
> flow where we use an URL that requires username and password
and returns
> directly an Access Token, with no Access Codes envolved. We
use this so
> that our own mobile apps can get access to our REST services.
>
> Is there any way I could get around this with Keycloak?
Getting an
> access token directly to my mobile app?
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
<mailto:keycloak-user@lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Rodrigo Sasaki
--
Rodrigo Sasaki
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
4:22 p.m.
We're doing a lot of work with Keycloak and Mobile in the LiveOak
project. Its just a matter of us documenting and providing examples
which takes time.
On 5/9/2014 4:50 PM, Rodrigo Sasaki wrote:
I considered that aswell.
The thing is the mobile app is already completed, and I'm not in the
position to make such design calls.
My idea was to create a normal Application, and use the URLs I define
there instead of just giving the token to the mobile app, that's what
you meant right?
Nonetheless I'll definitely pass on your suggestion up, it definitely
sounds better and cleaner. Thank you for such a quick response!
On Fri, May 9, 2014 at 5:46 PM, Bill Burke <bburke(a)redhat.com
<mailto:bburke@redhat.com>> wrote:
You can do a Basic Auth request
POST /content-root/realms/{realm}/tokens/grants/access
Authorization: Basic auth with client_id and secret
Content-Type: application/x-www-form-urlencoded
client_id is the id of your register application.
form parameters are:
username
password
BTW, for mobile, IMO, you are better off doing oauth with the mobile
client and doing a mobile redirect to your browser and back. That way
Keycloak can manage your accounts.
On 5/9/2014 4:35 PM, Rodrigo Sasaki wrote:
> Hello everyone,
>
> Fist of all I apologize if I do anything that isn't normal, this
is the
> 1st time I subscribe to a mailing list, please let me know if I
should
> have done anything differently.
>
> Alright then, my question is this: Is there a way for me to get a
token
> providing only user and password? Let me try and clarify it better.
>
> We are using a homegrown solution based on SkeletonKey and we have a
> flow where we use an URL that requires username and password and
returns
> directly an Access Token, with no Access Codes envolved. We use
this so
> that our own mobile apps can get access to our REST services.
>
> Is there any way I could get around this with Keycloak? Getting an
> access token directly to my mobile app?
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Rodrigo Sasaki
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
3894
days inactive
3894
days old
5 comments
2 participants
participants (2)
-
Bill Burke -
Rodrigo Sasaki