[keycloak-user] No refresh-token when requesting access token

Bill Burke bburke at redhat.com
Fri May 16 20:13:26 EDT 2014


I'm gonna guess 2 weeks.  We're running behind.  Still a bunch of jiras 
to finish and docs to write.

On 5/16/2014 5:35 PM, Nils Preusker wrote:
> Cheers, any idea when you'll do the next release?
>
> Nils
>
> --
> Blog: www.nilspreusker.de
>
>> On May 16, 2014, at 17:10, Stian Thorgersen <stian at redhat.com> wrote:
>>
>> Sorry for the rather slow response, but this has been added to master now
>>
>> ----- Original Message -----
>>> From: "Nils Preusker" <n.preusker at gmail.com>
>>> To: keycloak-user at lists.jboss.org
>>> Sent: Friday, 2 May, 2014 2:35:00 PM
>>> Subject: [keycloak-user] No refresh-token when requesting access token
>>>
>>> Hi,
>>>
>>> I noticed that when I request an access token (curl -v -H "Content-type:
>>> application/x-www-form-urlencoded"
>>> http://localhost:8080/auth/rest/realms/keycloak-admin/tokens/grants/access
>>> --data "client_id=...&client_secret=...&username=...&password=..." -H
>>> "Accept: application/json"), the response doesn't contain a refresh token.
>>>
>>> Is this intentional? And might it change in future versions?
>>>
>>> According to http://tools.ietf.org/html/rfc6749#section-4.3 (which is the
>>> spec the above method implements, right?), the refresh token in the access
>>> token response is optional.
>>>
>>> If I'm not mistaken, adding .generateRefreshToken() here:
>>> https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/services/resources/TokenService.java#L201
>>> should do the trick, right?
>>>
>>> Cheers,
>>> Nils
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the keycloak-user mailing list