[keycloak-user] Recommendations for protecting REST service with bearer token and basic auth
Juraci Paixão Kröhling
juraci at kroehling.de
Wed Nov 19 08:30:02 EST 2014
-----BEGIN PGP SIGNED MESSAGE-----
On 11/19/2014 01:01 PM, Stian Thorgersen wrote:
> One exception though is that in this case you probably want an
> offline token, which is something we don't support yet. Basically
> an offline token would be a token that's not associated with a
> specific user session, which would have a longer (possibly
> unlimited) lifetime. The user would also need to be able to view
> and revoke these tokens through the account management.
That's exactly what I mean :-) Is there a plan for this feature
already? If not, and if it's a desirable feature to have, I might be
able to scratch a possible solution for it.
- - Juca.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
More information about the keycloak-user