[keycloak-user] Token Grant

Rodrigo Sasaki rodrigopsasaki at gmail.com
Fri May 9 17:06:37 EDT 2014


I'm sorry but I believe I may have misunderstood you somehow, I tried
building a request for that URL to test it.

The application I'm trying to access is the product-portal application from
the unconfigured demo, I followed the tutorials and got it running, so
here's the post I created:

POST http://localhost:8080/auth/rest/realms/demo/tokens/grants/access
Authorization: Basic
cHJvZHVjdC1wb3J0YWw6MWQ5MDRlYzAtNjViMS00MDljLTljYTUtMDhkMGI1ODI0Y2I4
Content-Type: application/x-www-form-urlencoded

Form Data:
username: product-portal
password: key generated by keycloak


Here the Authorization header was also built on the name product-portal and
the key that keycloak generated, so I entered it twice, and I know that
can't be right, but I don't really know where my mistake is. I apologize
for the inconvenience, but if it's not much trouble, could you clarify that
for me?



On Fri, May 9, 2014 at 5:50 PM, Rodrigo Sasaki <rodrigopsasaki at gmail.com>wrote:

> I considered that aswell.
>
> The thing is the mobile app is already completed, and I'm not in the
> position to make such design calls.
>
> My idea was to create a normal Application, and use the URLs I define
> there instead of just giving the token to the mobile app, that's what you
> meant right?
>
> Nonetheless I'll definitely pass on your suggestion up, it definitely
> sounds better and cleaner. Thank you for such a quick response!
>
>
> On Fri, May 9, 2014 at 5:46 PM, Bill Burke <bburke at redhat.com> wrote:
>
>> You can do a Basic Auth request
>>
>> POST /content-root/realms/{realm}/tokens/grants/access
>> Authorization: Basic auth with client_id and secret
>> Content-Type: application/x-www-form-urlencoded
>>
>> client_id is the id of your register application.
>>
>> form parameters are:
>>
>> username
>> password
>>
>>
>> BTW, for mobile, IMO, you are better off doing oauth with the mobile
>> client and doing a mobile redirect to your browser and back.  That way
>> Keycloak can manage your accounts.
>>
>>
>>
>>
>> On 5/9/2014 4:35 PM, Rodrigo Sasaki wrote:
>> > Hello everyone,
>> >
>> > Fist of all I apologize if I do anything that isn't normal, this is the
>> > 1st time I subscribe to a mailing list, please let me know if I should
>> > have done anything differently.
>> >
>> > Alright then, my question is this: Is there a way for me to get a token
>> > providing only user and password? Let me try and clarify it better.
>> >
>> > We are using a homegrown solution based on SkeletonKey and we have a
>> > flow where we use an URL that requires username and password and returns
>> > directly an Access Token, with no Access Codes envolved. We use this so
>> > that our own mobile apps can get access to our REST services.
>> >
>> > Is there any way I could get around this with Keycloak? Getting an
>> > access token directly to my mobile app?
>> >
>> >
>> > _______________________________________________
>> > keycloak-user mailing list
>> > keycloak-user at lists.jboss.org
>> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>> >
>>
>> --
>> Bill Burke
>> JBoss, a division of Red Hat
>> http://bill.burkecentral.com
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
>
> --
> Rodrigo Sasaki
>



-- 
Rodrigo Sasaki
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20140509/3263881f/attachment-0001.html 


More information about the keycloak-user mailing list