[keycloak-dev] Native mobile OAuth2 keycloak flows

Stian Thorgersen stian at redhat.com
Mon Oct 6 09:18:52 EDT 2014 


----- Original Message -----
> From: "Corinne Krych" <corinnekrych at gmail.com>
> To: "keycloak-user at lists.jboss.org" <keycloak-dev at lists.jboss.org>
> Sent: Monday, 6 October, 2014 11:09:11 AM
> Subject: [keycloak-dev] Native mobile OAuth2 keycloak flows
> 
> Hello Keycloak team,
> 
> On native app, our aerogear-oauth2 sdk supports the following flows:
> - oauth2 authz code (publicl client) bearer-only using external browser. See
> Shoot demo.
> - oauth2 refresh grant
> - oauth2 revoke (using logout endpoint to revoke all refresh/access tokens).
> 
> We have a iOS demo [1] and its associated backend [2] which shows how to use
> authz code grant on Google, Facebook and Keycloak using aerogear oauth2 sdk
> [3]. For Android we have same level features [4] (just missing the Shoot
> demo).
> 
> To come in next release:
> - openID flow based on authz code (need an extra token decoding to get ID
> information) with a ui button “login with your keyclakbackend account”.
> Thanks to Stian I managed the base64url decoding...
> - direct grant (resource owner grant).
> - basic auth support for confidential mode
> 
> I’m thinking to do a Keyclaok (only) HelloWorld demo which show all different
> use cases.
> 
> Therefore the question: What other use cases do I miss? Feedback welcome.

A few things I can think of:

* SSO - on Android you can add shared accounts (SSO to multiple apps), is something like this available on iOS
* Social login through Keycloak - does this currently work? Again, does iOS have the concept of shared accounts for social networks, how can we utilize these?
* Roles - Keycloak tokens contains permitted roles. Some applications may wish to show/hide features depending on permissions.

> 
> ++
> Corinne
> AeroGear iOS
> ———————————
> [1] https://github.com/aerogear/aerogear-ios-cookbook/tree/swift/Shoot
> [2]
> https://github.com/corinnekrych/aerogear-backend-cookbook/blob/master/Shoot/README.md
> [3] https://github.com/aerogear/aerogear-ios-oauth2
> [4] https://github.com/aerogear/aerogear-android-authz
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>

More information about the keycloak-dev mailing list