[keycloak-user] Token Grant
Bill Burke
bburke at redhat.com
Fri May 9 17:14:23 EDT 2014
Authorization header would be generated from "product-portal" and "key
generated by keycloak".
Form Data:
username: bburke
password: bills-password
On 5/9/2014 5:06 PM, Rodrigo Sasaki wrote:
> I'm sorry but I believe I may have misunderstood you somehow, I tried
> building a request for that URL to test it.
>
> The application I'm trying to access is the product-portal application
> from the unconfigured demo, I followed the tutorials and got it running,
> so here's the post I created:
>
> POST http://localhost:8080/auth/rest/realms/demo/tokens/grants/access
> Authorization: Basic cHJvZHVjdC1wb3J0YWw6MWQ5MDRlYzAtNjViMS00MDljLTljYTUtMDhkMGI1ODI0Y2I4
> Content-Type: application/x-www-form-urlencoded
>
> Form Data:
> username: product-portal
> password: key generated by keycloak
>
>
> Here the Authorization header was also built on the name product-portal
> and the key that keycloak generated, so I entered it twice, and I know
> that can't be right, but I don't really know where my mistake is. I
> apologize for the inconvenience, but if it's not much trouble, could you
> clarify that for me?
>
>
> On Fri, May 9, 2014 at 5:50 PM, Rodrigo Sasaki <rodrigopsasaki at gmail.com
> <mailto:rodrigopsasaki at gmail.com>> wrote:
>
> I considered that as well.
>
> The thing is the mobile app is already completed, and I'm not in the
> position to make such design calls.
>
> My idea was to create a normal Application, and use the URLs I
> define there instead of just giving the token to the mobile app,
> that's what you meant right?
>
> Nonetheless I'll definitely pass on your suggestion up, it
> definitely sounds better and cleaner. Thank you for such a quick
> response!
>
>
> On Fri, May 9, 2014 at 5:46 PM, Bill Burke <bburke at redhat.com
> <mailto:bburke at redhat.com>> wrote:
>
> You can do a Basic Auth request
>
> POST /content-root/realms/{realm}/tokens/grants/access
> Authorization: Basic auth with client_id and secret
> Content-Type: application/x-www-form-urlencoded
>
> client_id is the id of your registered application.
>
> form parameters are:
>
> username
> password
>
>
> BTW, for mobile, IMO, you are better off doing oauth with the mobile
> client and doing a mobile redirect to your browser and back. That way
> Keycloak can manage your accounts.
>
>
>
>
> On 5/9/2014 4:35 PM, Rodrigo Sasaki wrote:
> > Hello everyone,
> >
> > First of all I apologize if I do anything that isn't normal, this is the
> > 1st time I subscribe to a mailing list, please let me know if I should
> > have done anything differently.
> >
> > Alright then, my question is this: Is there a way for me to get a token
> > providing only user and password? Let me try and clarify it better.
> >
> > We are using a homegrown solution based on SkeletonKey and we have a
> > flow where we use a URL that requires username and password and returns
> > directly an Access Token, with no Access Codes involved. We use this so
> > that our own mobile apps can get access to our REST services.
> >
> > Is there any way I could get around this with Keycloak? Getting an
> > access token directly to my mobile app?
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> <mailto:keycloak-user at lists.jboss.org>
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
>
>
>
>
> --
> Rodrigo Sasaki
>
>
>
>
> --
> Rodrigo Sasaki
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
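
Added example, not part of the original messages and not Keycloak project code: it builds the direct-grant request described in the thread without sending it, then checks for the mix-up discussed above, where the client credentials were entered both in the Basic header and in the form. The function names and the client secret are constructed for illustration; the URL, client name and user values come from the thread.

```python
import base64
from urllib.parse import parse_qs, urlencode
from urllib.request import Request

# URL of the local demo realm as quoted in the thread.
GRANT_URL = "http://localhost:8080/auth/rest/realms/demo/tokens/grants/access"


def build_grant_request(url, client_id, client_secret, username, password):
    """Build (but do not send) the POST: client in the header, user in the form."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    body = urlencode({"username": username, "password": password}).encode()
    return Request(url, data=body, method="POST", headers={
        "Authorization": f"Basic {basic}",
        "Content-Type": "application/x-www-form-urlencoded",
    })


def check_grant_request(req):
    """Return a list of problems; empty means both credential pairs are in place."""
    scheme, _, blob = (req.get_header("Authorization") or "").partition(" ")
    if scheme != "Basic":
        return ["Authorization header is not Basic"]
    try:
        client_id, sep, secret = base64.b64decode(blob).decode().partition(":")
    except ValueError:  # covers bad base64 and bad UTF-8
        return ["Basic credentials are not valid base64 text"]
    problems = []
    if not (client_id and sep and secret):
        problems.append("Basic credentials must be client_id:secret")
    form = parse_qs((req.data or b"").decode())
    user = form.get("username", [""])[0]
    pwd = form.get("password", [""])[0]
    if not user or not pwd:
        problems.append("form must carry username and password")
    if user and user == client_id:
        problems.append("form username repeats the client_id; use the end user's login")
    if pwd and pwd == secret:
        problems.append("form password repeats the client secret; use the user's password")
    return problems


if __name__ == "__main__":
    # "example-secret" is a constructed placeholder for the key Keycloak generates.
    ok = build_grant_request(GRANT_URL, "product-portal", "example-secret",
                             "bburke", "bills-password")
    print(ok.get_method(), ok.full_url, check_grant_request(ok))
```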