[keycloak-dev] WG: How to generate a token string in a custom keycloak extension?

Thomas Darimont thomas.darimont at googlemail.com
Tue Jan 23 09:47:30 EST 2018

Hello Felix,

What's your use case?

Keycloak provides action tokens that permits its bearer to perform some
actions, e. g. to reset a password or validate e-mail address.

Perhaps you could have a look at the action tokens SPI:

Keycloaks OIDC Tokens (AccessToken, RefreshToken, IDToken) are generated
within org.keycloak.protocol.oidc.TokenManager and exposed
via the org.keycloak.protocol.oidc.endpoints.TokenEndpoint. Tokens can be
verified via the org.keycloak.RSATokenVerifier.


2018-01-23 15:29 GMT+01:00 Felix Peters <peters at develop4edu.de>:

> Hi,
> I'm pretty new to Keycloak development and at the moment I'm trying to
> develop some demo extensions to learn how SPI's an stuff like that work in
> Keycloak.
> My Question is:
> Is there a util- or helper-class which I can use to generate an secure
> token string in my extension code (pretty much the same as an oauth access
> or refresh token)?
> I was not able to find something In the Keycloak code, but maybe there is
> something like that.
> Thank you in advance,
> Felix Peters
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

More information about the keycloak-dev mailing list