[keycloak-user] keycloak 1.3.1 OpenID Connect token introspection url
Niels Bertram
nielsbne at gmail.com
Mon Jun 29 11:30:51 EDT 2015
Hi there,
I am trying to configure a server side (RP) client which requires a JWT
introspection URL on the OP. I tried to find such endpoint on the KeyCloak
server without avail neither did I actually find any url of type
"introspect" in the OpenID Connect Specification.
Does anyone know if/how a OAuth2 client can validate a JWT token via a back
channel with the KeyCloak server?
The client I am trying to configure is the MITREid client as per
https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/wiki/Token-Introspecting-Client-Config
Looking at the code, the client will issue a post to the introspection
endpoint with some form data:
POST /auth/realms/myrealm/protocol/openid-connect/introspect HTTP/1.1
Host: localhost:8080
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
client_id=myapp&client_secret=mysupersecret&token=eyJhbGciO[trunkated but
valid access token]
Any pointers are much appreciated.
Kind Regards,
Niels
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150630/e47e0aa2/attachment.html
More information about the keycloak-user
mailing list