[keycloak-user] Recommendations for protecting REST service with bearer token and basic auth

Juraci Paixão Kröhling juraci at kroehling.de
Fri Nov 21 11:35:17 EST 2014


On 11/21/2014 05:09 PM, Bill Burke wrote:
> I don't think we ever want to separate the token from the user
> session.

So, this means that all hosts using an offline refresh token created
for the user "jdoe1" will have to be replaced if said employee is
fired? This would be the advantage (and main purpose, IMO) of having
service accounts.

- Juca.

