[keycloak-user] Secured application configuration question
Paul Blair
pblair at clearme.com
Tue Dec 8 21:20:09 EST 2015
I'm setting up apiman with Keycloak and have a question that the folks on the apiman user list suggested I ask here.
In the Wildfly configuration for apiman, I see several entries like this (one for each war file):
<kc:secure-deployment xmlns:kc="urn:jboss:domain:keycloak:1.0" name="apiman.war">
<kc:realm>apiman</kc:realm>
<kc:resource>apiman</kc:resource>
<kc:credential name="secret">password</kc:credential>
I'm noticing that they fill in the word "password" here, but in their instructions they don't specify to replace it with a particular password. My guess is that this credential is used only for applications that request REST Direct Access Grants, and that since apiman doesn't do that, they can use a dummy password in this configuration.
Is it correct that this credential is used only for Direct Access Grants?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151209/d3ccf684/attachment.html
More information about the keycloak-user
mailing list