[keycloak-user] REST API security
Bill Burke
bburke at redhat.com
Mon Apr 14 16:09:11 EDT 2014
Yes.
On 4/14/2014 12:14 PM, Nils Preusker wrote:
> Hi Bill,
>
> ok, so 4.3 seems to be the way to go for us. Did I understand you
> correctly that keycloak will continue to support this?
>
> Cheers,
> Nils
>
>
> On Mon, Apr 14, 2014 at 4:39 PM, Bill Burke <bburke at redhat.com
> <mailto:bburke at redhat.com>> wrote:
>
> You could use section 4.1 (Auth code grant) or 4.3 (Resource Owner
> Password Credentials Grant) with any OAuth library. 4.1 will require a
> browser. 4.3 doesn't.
>
> We will always support OAuth 2.0 through OpenID Connect.
>
> On 4/14/2014 10:34 AM, Nils Preusker wrote:
> > Hi Bill,
> >
> > I'm familiar with the examples, however I'm looking for a way to
> grant
> > third-party clients access to my API. Since they could be written
> in a
> > variety of languages, I'd like them to be able to obtain a token in a
> > defined way without being dependent on Keycloak.
> >
> > I suppose the approach Marek mentioned (OAuth spec section 4.3)
> should
> > do the trick though (as long as you are planning to continue
> supporting it).
> >
> > Cheers,
> > Nils
> >
> >
> > On Mon, Apr 14, 2014 at 3:32 PM, Bill Burke <bburke at redhat.com
> <mailto:bburke at redhat.com>
> > <mailto:bburke at redhat.com <mailto:bburke at redhat.com>>> wrote:
> >
> > Bearer token security. Take a look at the examples,
> specifically the
> > database-service. This is a pure REST service secured by
> keyloak.
> >
> > At the moment, we only have support for JBoss/Wildfly, but it
> wouldn't
> > take much to write an adapter for another java environment.
> >
> > On 4/12/2014 1:09 PM, Nils Preusker wrote:
> > > Hi all,
> > >
> > > I'm trying to figure out how I could use keycloak to secure a
> > REST API
> > > that is used bu a pure backend REST client. Do you have any
> > > recommendations for that (i.e. API keys)?
> > >
> > > Cheers,
> > > Nils
> > >
> > >
> > > _______________________________________________
> > > keycloak-user mailing list
> > > keycloak-user at lists.jboss.org
> <mailto:keycloak-user at lists.jboss.org>
> <mailto:keycloak-user at lists.jboss.org
> <mailto:keycloak-user at lists.jboss.org>>
> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
> > >
> >
> > --
> > Bill Burke
> > JBoss, a division of Red Hat
> > http://bill.burkecentral.com
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> <mailto:keycloak-user at lists.jboss.org>
> <mailto:keycloak-user at lists.jboss.org
> <mailto:keycloak-user at lists.jboss.org>>
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> >
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-user
mailing list