[keycloak-user] Application to applications using bearer token
Marek Posolda
mposolda at redhat.com
Wed Apr 15 12:29:31 EDT 2015
That's quite strange. It should already be possible to authenticate
against confidential applications with bearer-token. For example if you
switch demo database-service as "confidential" instead of "bearer-only",
it should be still possible to authenticate to it with the bearer access
token sent from customer-portal. You can try it and see if it works.
If demo works for you, but your applications don't, it's probably some
configuration problem on your side.
Marek
On 15.4.2015 17:44, Scott Rossillo wrote:
> Actually, I wanted to clarify one thing:
>
> In the demos the database-service is set up as bearer-only. Maybe
> that’s the problem I’m having. I have the dependent service set as
> confidential. But shouldn’t this be supported?
>
> What if the service provides both user facing features and APIs that
> can be accessed with bearer tokens?
>
> Thanks again,
> Scott
>
> On Wed, Apr 15, 2015 at 11:41 AM, Scott Rossillo
> <srossillo at smartling.com <mailto:srossillo at smartling.com>> wrote:
>
> In the demos, there’s a clear example of how a user is
> authenticated against an application, say the customer-portal, and
> then the customer-portal requests information from the
> database-service using the access token as a bearer token.
>
> In this example, the database-service accepts the bearer token and
> returns data.
>
> However, using the Keycloak Adapters and attempting to do the same
> thing, the authentication is rejected. Any idea what may be
> causing this?
>
> Thanks,
> Scott
>
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150415/c5e52659/attachment.html
More information about the keycloak-user
mailing list