[keycloak-dev] Cross Client Use case

Bill Burke bburke at redhat.com
Mon Apr 13 09:37:49 EDT 2015

Our tokens are JsonWebSignatures.  If the other applications have the 
public key of the realm, they can verify those signatures.  Keycloak 
also has a remote validation URL which you can send a token to.


On 4/12/2015 6:58 AM, Raghu Prabhala wrote:
>   We have a use case similar to the one listed in the below url -
> basically once a user is authenticated, a client application after
> receiving the tokens from the Provider, shares the tokens with a few
> other applications that are in a group. The other client applications
> should be able to verify the tokens without requiring any more user
> interaction. In the OIDC world, unfortunately, the aud parameter has the
> clientid of the first app only and it will fail validation by the other
> apps. So, is there any way this can be  handled in KC?
> https://developers.google.com/identity/protocols/CrossClientAuth
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

Bill Burke
JBoss, a division of Red Hat

More information about the keycloak-dev mailing list