[keycloak-user] Token Grant

Bill Burke bburke at redhat.com
Fri May 9 17:22:48 EDT 2014 

We're doing a lot of work with Keycloak and Mobile in the LiveOak 
project.  Its just a matter of us documenting and providing examples 
which takes time.

On 5/9/2014 4:50 PM, Rodrigo Sasaki wrote:
> I considered that aswell.
>
> The thing is the mobile app is already completed, and I'm not in the
> position to make such design calls.
>
> My idea was to create a normal Application, and use the URLs I define
> there instead of just giving the token to the mobile app, that's what
> you meant right?
>
> Nonetheless I'll definitely pass on your suggestion up, it definitely
> sounds better and cleaner. Thank you for such a quick response!
>
>
> On Fri, May 9, 2014 at 5:46 PM, Bill Burke <bburke at redhat.com
> <mailto:bburke at redhat.com>> wrote:
>
>     You can do a Basic Auth request
>
>     POST /content-root/realms/{realm}/tokens/grants/access
>     Authorization: Basic auth with client_id and secret
>     Content-Type: application/x-www-form-urlencoded
>
>     client_id is the id of your register application.
>
>     form parameters are:
>
>     username
>     password
>
>
>     BTW, for mobile, IMO, you are better off doing oauth with the mobile
>     client and doing a mobile redirect to your browser and back.  That way
>     Keycloak can manage your accounts.
>
>
>
>
>     On 5/9/2014 4:35 PM, Rodrigo Sasaki wrote:
>      > Hello everyone,
>      >
>      > Fist of all I apologize if I do anything that isn't normal, this
>     is the
>      > 1st time I subscribe to a mailing list, please let me know if I
>     should
>      > have done anything differently.
>      >
>      > Alright then, my question is this: Is there a way for me to get a
>     token
>      > providing only user and password? Let me try and clarify it better.
>      >
>      > We are using a homegrown solution based on SkeletonKey and we have a
>      > flow where we use an URL that requires username and password and
>     returns
>      > directly an Access Token, with no Access Codes envolved. We use
>     this so
>      > that our own mobile apps can get access to our REST services.
>      >
>      > Is there any way I could get around this with Keycloak? Getting an
>      > access token directly to my mobile app?
>      >
>      >
>      > _______________________________________________
>      > keycloak-user mailing list
>      > keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
>      > https://lists.jboss.org/mailman/listinfo/keycloak-user
>      >
>
>     --
>     Bill Burke
>     JBoss, a division of Red Hat
>     http://bill.burkecentral.com
>     _______________________________________________
>     keycloak-user mailing list
>     keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
>     https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
>
> --
> Rodrigo Sasaki

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

More information about the keycloak-user mailing list