[keycloak-user] REST API security
Nils Preusker
n.preusker at gmail.com
Sun Apr 13 04:30:28 EDT 2014
To clarify, I've been looking at the various clients in the examples and
know that I can simply add an authorization header with a bearer token to
the REST requests. However, as far as I understand the examples and the
code, all the login flows are based on login forms and redirects. While
this is convenient for web applications, I'm missing a simple way for a
"headless" client to obtain a token in return for application credentials
or an API key. Are you planning to support this kind of use case?
Cheers,
Nils
On Sat, Apr 12, 2014 at 7:09 PM, Nils Preusker <n.preusker at gmail.com> wrote:
> Hi all,
>
> I'm trying to figure out how I could use keycloak to secure a REST API
> that is used bu a pure backend REST client. Do you have any recommendations
> for that (i.e. API keys)?
>
> Cheers,
> Nils
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20140413/2f1b19a9/attachment.html
More information about the keycloak-user
mailing list