[keycloak-dev] Credentials in javascript adapter

Stian Thorgersen sthorger at redhat.com
Fri Nov 15 09:05:54 EST 2019 

The account console should be a confidential client as it is there for the
old account console.

Instead you should create a new client for the new account console.

On Fri, 15 Nov 2019 at 14:03, Stan Silvert <ssilvert at redhat.com> wrote:

> On 11/7/2019 7:46 AM, Stian Thorgersen wrote:
> > It might be there from the early days when we didn't have public clients.
> > I'd probably just keep it in case someone is using it with a confidential
> > client as removing it would break it for them. Although strictly speaking
> > you shouldn't use a confidential client with a client-side app.
> There is something else left over from when we didn't have public
> clients.  The account console is still a confidential client.
>
> With this latest change in the javascript adapter, the new account
> console is broken.  (Both old and new account console use the same
> client definition)
>
> Does anyone have an issue with changing the (old and new) account
> console to a public client?
>
> >
> > On Thu, 7 Nov 2019 at 07:42, Michal Hajas <mhajas at redhat.com> wrote:
> >
> >> Hello,
> >>
> >> in Javascript adapter we have a possibility to configure a client secret
> >> [1] in order to use Basic authorization for requests for token endpoint
> >> [2]. I haven't found any information in docs about it and I don't
> >> understand why we have it there as public clients don't have secrets. Is
> >> this useful in some scenarios or we should remove it?
> >>
> >> Michal
> >>
> >> [1]
> >>
> >>
> https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L882
> >> &
> >> <
> https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L882&
> >
> >>
> >>
> https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L866
> >>
> >> [2]
> >>
> >>
> https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L617
> >> &
> >> <
> https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L617&
> >
> >>
> >>
> https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L732
> >> _______________________________________________
> >> keycloak-dev mailing list
> >> keycloak-dev at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >>
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
>

More information about the keycloak-dev mailing list