[keycloak-dev] authenticating applications

[Bill Burke]

If SSL is a realm requirement, can't you use two-way SSL using between 
Keycloak and the application's server using the certificates of each of 
those servers?  There would be no need to set up client certs.  For 
self-signed certs you could even do what the browser does and have the 
admin console ask to trust the cert from the host of the application's 
server  (vice versa too!).
-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com