[keycloak-dev] 403, Forbidden Issue with POST, PUT, DELETE

Mahendra Anand in.anand19 at gmail.com
Mon Sep 3 08:06:38 EDT 2018


Hi Team,

I am trying to set up a standalone Keycloak server and am able to do it.
With the help of Keycloak I am trying to secure REST endpoints which I am
exposing in my Spring Boot application.

I have all required steps to configure keycloak with spring boot
application link -
- creating new realm.
- Creating new client in that realm.
- new admin and user roles
- creating users with admin and user roles.

I am able to get access token with the help of admin user like below -

curl -d \
  "grant_type=password&client_id=product-app&username=admin&password=admin" \
  http://localhost:8181/auth/realms/springboot/protocol/openid-connect/token

And with the help of the retrieved token I am able to hit the GET endpoints of
my application.

But when I do POST, PUT, DELETE requests with the token I get --
{
    "timestamp": "2018-09-03T11:27:16.266+0000",
    "status": 403,
    "error": "Forbidden",
    "message": "Forbidden",
    "path": "/ds/api/v1/template/create"
}
It might be a scope issue on the user I am creating, but I am not getting
any pointer to give correct scope to user.

Kindly suggest; any pointer or help will be very much appreciated. Thanks!

-- 
Regards
Mahendra Anand
Mobile - +91 9711429614
Skype - mahendra.anand
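
One way to test the hypothesis raised above, that the 403 comes from the roles or scope in the token, is to decode the access token and list what it actually grants. This is an added example, not part of the original message: the sample token and its claim values are constructed, the helper names are hypothetical, and `realm_access`, `resource_access` and `scope` are the claims Keycloak places in its access tokens.

```python
import base64
import json
import sys


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def token_grants(access_token: str, client_id: str) -> dict:
    """Return the roles and scopes carried by a Keycloak access token.

    Inspection only: the signature is NOT verified here.
    """
    parts = access_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    claims = json.loads(b64url_decode(parts[1]))
    client = claims.get("resource_access", {}).get(client_id, {})
    return {
        "realm_roles": sorted(claims.get("realm_access", {}).get("roles", [])),
        "client_roles": sorted(client.get("roles", [])),
        "scopes": claims.get("scope", "").split(),
    }


def make_sample_token(claims: dict) -> str:
    # Builds a constructed token with a placeholder signature for offline use.
    def enc(obj: dict) -> str:
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "c2ln"])


# Constructed sample claims, shaped like a token for the "admin" user above.
SAMPLE_CLAIMS = {
    "preferred_username": "admin",
    "azp": "product-app",
    "realm_access": {"roles": ["admin", "user"]},
    "resource_access": {"account": {"roles": ["view-profile"]}},
    "scope": "profile email",
}

if __name__ == "__main__":
    # Pass a real access_token as the first argument, or run with the sample.
    token = sys.argv[1] if len(sys.argv) > 1 else make_sample_token(SAMPLE_CLAIMS)
    print(json.dumps(token_grants(token, "product-app"), indent=2))
```

If the expected role is listed for the token that was rejected, the token is not missing it, and the application's own rules for POST, PUT and DELETE are the next place to look.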

